A tweet from Binance was posted to advice users to ‘be vigilant and lean about common phishing tactics to help keep their coins secure.’ Also the Binance Academy also gives a list of some general security measures one should practice.
Phishing is a term used to refer to deceptive tactics where a trusted website gets impersonated in order to collect users’ personal information. In this case, it could be your password, private keys, and recovery phrases for your crypto coins wallets or exchange accounts.
In as much as the crypto space has evolved since inception, the level of scam witnessed has also increased. In order to be able to prevent losing your crypto assets through phishing you need to know some of the major phishing tactics carried out by scammers.
The Purchase of Domain
One of the common Phishing techniques used is to purchase domains. Although they can be so hard to identify, it is usually safe to assume that any major corporation will use their primary URL. All registered domains have multiple sub-domains that host different contents, and are controlled by the main domain register.
It is important to understand the different parts of a domain name and how they work as well. –This is because most phishers love to play tricks with a URL website by registering a domain name with small, hard-to-identify differences from the real website.
Email Phishing Scams
Another way phishers contact users is through their email addresses. Links contained in an email will lead users to a fake website and ask them to reveal sensitive information such as their private keys.
Another email phishing technique used is informing users that there are pending transactions for their exchanges or wallet accounts, asking them to confirm the authenticity of the transaction before it gets processed.
Scammers can find a cryptocurrency community and create a Facebook page with the same title and design as the official page. Because in Facebook you can set any name for your organisation or yourself, these phishers always display their organizations far more prominently than real addresses.
They then send phishing messages from the fake page to members of the real community. They usually go as far as tagging the users’ (victims) profile photos on their page. It is advisable for users to disable notifications about tags created by unknown users, communities or pages.
More info here.