Phishing scams, a form of cyber attack in which scammers try to trick you into sharing sensitive information, have been around for as long as the internet itself. With the rising popularity of cryptocurrency and exchanges such as Binance, these scams have evolved and become more sophisticated. Let's dive into the mechanics of these email phishing campaigns and how you can protect yourself.

Real-World Case

According to the phishing email samples reported by users, Binance users mainly receive the following types of phishing emails.

  1. The user received an email, seemingly from Binance, alerting him to suspicious activity on his account. The email instructed him to click on a link and log in to his account to secure it. The link led to a near-perfect replica of Binance's website, where the victim unknowingly gave his login credentials to the scammers.

  2. The user received emails imitating official Binance activities, such as airdrops, designed to lure users into participating in the scammers' project.

The screenshot below shows a sample of some phishing emails.

Understanding the Threat

Phishing campaigns targeting crypto users often employ email spoofing, making it appear as if the email is coming directly from a reputable exchange like Binance. The email might alert you to a fake security risk or ask you to verify your account details. Typically, you will be asked to click on a link which leads to a counterfeit exchange website, indistinguishable from the original. Once on the bogus site, any information you input, such as login details or private keys, goes straight to the scammers. In some cases, the fake website might even prompt you to make a transaction, leading to immediate financial loss.

Technical Tutorial - How to identify phishing emails from an EML file

This part explains how to analyze an email at a technical level.

If you use Gmail, follow the steps below to download the EML file.

You can download emails directly to your computer. Once downloaded, you can attach an email to another email.

  1. On your computer, go to Gmail.

  2. Open the email.

  3. Click More.

  4. Click Download message.

Open the EML file in a text editor. You will see content like the following.

Here are a few more important fields that need attention:

  • Return-path

  • Reply-To

  • Received

  • Fields starting with “X”

Case 1. Return-Path does not contain the official Binance sender

Case 2. Malformed SPF/DKIM/DMARC
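
The header checks from Case 1 and Case 2, as an added example that is not part of the original article: it parses an EML file with Python's standard `email` module and flags a Return-Path or Reply-To outside the expected domain, plus any SPF/DKIM/DMARC result other than pass. The sample message, the function names and the expected domain `binance.com` are assumptions made for this illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_DOMAIN = "binance.com"  # assumption: the sender domain you expect

# Constructed sample headers for illustration, not a real captured email.
SAMPLE_EML = """\
Return-Path: <bounce@mailer.example.net>
Received: from mailer.example.net (mailer.example.net [203.0.113.7])
\tby mx.example.org; Mon, 01 Jan 2024 10:00:00 +0000
Authentication-Results: mx.example.org; spf=softfail smtp.mailfrom=mailer.example.net;
\tdkim=none; dmarc=fail header.from=binance.com
From: Binance <do-not-reply@binance.com>
Reply-To: support@binance-help.example
X-Mailer: BulkSender 1.0
Subject: Suspicious activity on your account

Log in to secure your account.
"""

def domain_of(header_value):
    """Return the lowercased domain of the address in a header, or ''."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def is_trusted(domain, trusted=TRUSTED_DOMAIN):
    return domain == trusted or domain.endswith("." + trusted)  # look-alikes fail

def analyze_eml(raw, trusted=TRUSTED_DOMAIN):
    msg = message_from_string(raw)
    findings = []
    # Case 1: Return-Path / Reply-To pointing outside the expected domain.
    for field in ("Return-Path", "Reply-To"):
        if msg[field] and not is_trusted(domain_of(msg[field]), trusted):
            findings.append(f"{field} domain {domain_of(msg[field])!r} is not {trusted}")
    # Case 2: SPF/DKIM/DMARC verdicts recorded by the receiving server.
    auth = " ".join(msg.get_all("Authentication-Results", []))
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth, re.I)
        result = m.group(1).lower() if m else "missing"
        if result != "pass":
            findings.append(f"{mech.upper()} result: {result}")
    x_fields = sorted(k for k in msg.keys() if k.lower().startswith("x-"))
    return {"findings": findings, "x_fields": x_fields,
            "received_hops": len(msg.get_all("Received", []))}

if __name__ == "__main__":
    for line in analyze_eml(SAMPLE_EML)["findings"]:
        print("WARN", line)
```

Only the Authentication-Results header added by your own mail provider is trustworthy, since a sender can insert its own copy further down the message.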

Protecting Yourself

1. Beware of Unsolicited Emails: Be suspicious of emails that ask for immediate action. Phishers often create a sense of urgency to trick you into making a hasty, ill-informed decision.

2. Check Email Addresses Carefully: Although phishing emails may look legitimate, the sender's email address often reveals the truth. Be cautious of email addresses that resemble, but do not exactly match, those of the exchange.

3. Don't Click on Suspicious Links: Instead of clicking on the link provided in the email, manually type the exchange's web address into your browser.

4. Enable Two-Factor Authentication (2FA): This adds an extra layer of security by requiring a second form of identification, making it harder for phishers to gain access to your account.

5. Keep Your Information Private: Remember, no reputable exchange will ever ask for your private keys or password over email.

6. Stay Informed: Cybersecurity threats evolve continuously, so it's crucial to keep yourself updated on the latest phishing tactics.

7. Set up an Anti-Phishing Code on Binance: An anti-phishing code is a security feature that lets you add an extra layer of security to your Binance account. Once you've enabled the anti-phishing code, it will be included in all genuine emails from Binance. This code will allow you to discern real emails from phishing emails, helping you prevent phishing attempts.

 

Being vigilant and following security best practices are your best defenses against phishing attacks. Remember, when it comes to your valuable digital assets, it's always better to be safe than sorry. Stay alert, and keep your crypto safe.