Phishing emails are one of the most common security threats to your account. These emails “fish” sensitive information, such as your password or two-factor authentication (2FA) code, under the guise of a person or brand you trust. Here are some pointers to help you identify phishing emails.
1. Read the language for anything that seems suspicious, such as spelling mistakes, awkward language, or urgent threats requesting you to take action immediately. You can visit Examples of Phishing Emails for more details.
2. Check any suspicious sender addresses, social media accounts, and website links with Binance Verify. Anything that appears with “Source Not Verified” is likely malicious.
Note that scammers often spoof their sender address to appear as “binance.com.” You should continue to take extra precaution even if Binance Verify identifies a source as verified.
3. Set up your unique anti-phishing code. Once enabled, all genuine Binance emails will include it. Any email from “Binance” that doesn’t have your anti-phishing code is likely malicious.
4. If you’re suspicious of an email’s legitimacy, contact Binance Support with email screenshots and an EML file for verification. The Binance security team can help verify their authenticity.
EML files provide additional information that can help the Binance security team verify an email’s authenticity. To download the EML file, click [...] on your email client and choose [Download].
Right-click on the EML file you downloaded and click [Open With] - [Other]. Select [TextEdit] if you’re using macOS or [Notepad++] if you’re using Windows.