Main Takeaways
Binance employs many tools and measures to protect users from crypto scams and account takeover attacks (ATO).
Some examples include real-time risk monitoring and user tools like 2FA, anti-phishing codes, and timely alerts.
The Binance risk control team plays an invaluable role behind the scenes. Learn exactly how they safeguard users’ assets for the world’s largest crypto exchange.
Finding the right combination of security and user experience is a challenging but daily responsibility for our risk control team at Binance. Too many protective measures can frustrate users, while too little leaves an ecosystem open to costly threats.
At Binance, we’ve underpinned each user’s crypto journey with robust risk control measures that protect them from prevalent scams and account takeover attacks (ATO). We do this by preemptively identifying malicious actors before they strike.
In the following sections, we’ll look closer at our risk control team’s primary responsibilities. We’ll also highlight some best practice tips for Binance users to protect their funds.
Scam Prevention
Scams, and the methods used, evolve just as fast as the crypto industry. To stay one step ahead of the cybercrime industry, we employ a vast arsenal of tools and measures, from real-time risk monitoring to ensuring our users have all the knowledge they need to identify and avoid scammers.
What we’ve achieved so far
Let’s first take a look at what our risk control team has accomplished since the beginning of 2022 in combating prevalent crypto scams. The team has:
Identified 40 million malicious, fraudulent transactions.
Triggered protection measures for over 5.2 million potential victims.
Successfully assisted users in avoiding losses of around 460 million USDT.
Keep reading to see the different ways we protect you, as well as the resources and tools that are readily available.
How We Protect Users From Scams
1. Warning notifications
Using a risk control engine alongside powerful data computing capabilities, we can monitor each transaction going in and out of our platform for fraudulent behavior. When triggered, our system can also send real-time notifications to warn users of potential risks before they click continue.
2. Binance Verify
Scammers impersonating our employees is an unfortunate byproduct of our influence and reputation — one that millions of crypto users trust globally.
Our official database, Binance Verify, allows anyone to cross-check Binance domains, email addresses, phone numbers, WeChat IDs, Telegram IDs, and Twitter handles. If anyone contacts you as a “Binance employee,” don’t instantly trust their credibility. Please verify the source on Binance Verify first.
3. Suspicious address watchlist
We add suspicious addresses onto a special list for careful monitoring. Here’s an example of how it works to protect you.
Let’s say a user initiates a withdrawal to one of these “suspicious addresses.” Our system will automatically intercept the transaction and temporarily restrict the user’s withdrawals for a short period. At the same time, we have a list of trusted addresses that ensures we minimize false positives.
We also send questionnaires to users who we suspect have been defrauded. Answers that raise a red flag will place the user in a cooling-down period, temporarily disabling their withdrawals.
4. Reporting tool
Binance users can report any scams or fraudulent activities via Binance Support. In the event of a scam, reports may allow us to help other victims recover their losses and stop criminals from targeting more people. We regularly block wallet addresses and/or accounts that we’ve identified as scammers.
5. Anti-scam educational resources
On the Binance blog, we’ve created an ongoing educational series, titled Know Your Scam, that helps users understand popular crypto scams, their techniques, and how to avoid them. The series has so far been received well by users.
The best method to prevent scams is through educating users to make better, more well-informed decisions. Ultimately, you play the largest role in protecting your funds. Feel free to check out some of the latest Know Your Scam articles we’ve released:
Account Takeover Attacks
The risk control team holds a crucial position in mitigating and addressing instances of breached user accounts, also known as account takeover attacks (ATO). Our responsibilities encompass activity monitoring, incident investigation, and anti-ATO development and implementation.
In addition, we’ve built a library of educational articles to help users like you secure your accounts, as well as ensure regulatory compliance to maintain a secure trading environment.
What we’ve achieved so far
Since 2022, our anti-ATO measures have shielded 67,000 potential victims from account takeovers. In potential user losses, this adds up to approximately 223 million USDT.
The following section will share more about the security tools available to users, and the risk control methods we use to thwart attackers.
How We Combat Account Takeover Attacks
1. Two-factor authentication (2FA)
As a basic anti-ATO measure, we encourage all Binance users to enable 2FA. This adds an extra layer of security to your account rather than just using a password.
To reduce reliance on SMS-based 2FA, Binance users have access to a broad selection of 2FA alternatives like Passkey, Google Authenticator, and our own Binance Authenticator. Note that the lack of end-to-end encryption in SMS-based 2FA exposes users to vulnerabilities such as interception, spoofing, phishing, and SIM swapping.
For more information on setting up 2FA, please refer to our library of FAQ guides.
What are passkeys?
Passkeys are the latest addition to our supported-2FA methods. Instead of a password or SMS code, it authenticates your identity using locally-stored biometrics (Face ID, Touch ID, etc.) or passcodes.
Binance users can add passkeys using iCloud Keychain for iOS devices, screen lock or PIN for Android devices, and USB security key for both iOS and Android devices. Once activated, you can immediately use your passkey for 2FA across all linked devices.
2. Preventative measures
Crypto withdrawals pose high risks due to the irreversible and pseudonymous nature of blockchain transactions. After funds leave Binance, tracing the owner and recovering assets is significantly more challenging. That’s why we employ a range of measures designed to stop criminals from absconding with stolen user funds.
Withdrawal address whitelist. Each Binance user has a whitelist where they, upon passing multiple verification checks, can add trusted withdrawal addresses for specific cryptocurrencies. This helps users prevent unauthorized transfers in case their account is stolen.
Risk identification. Our risk control engine temporarily suspends withdrawals for users after abnormal behavior or potential security threats. For example, withdrawals are typically disabled for 24 or 48 hours after a password change. They resume automatically after the suspension period.
Facial verification. Facial verification allows us to confirm the person behind the account is who they really are. We use advanced artificial intelligence models to first enhance user security, but also keep pace with the rapidly-evolving technology behind deep fakes.
3. Alerts and notifications
Alerts and notifications provide users with real-time updates on their account activity, including new devices, attempted logins, and suspicious transactions, to name a few. We always encourage users to enable their alerts and customize them according to what information they deem essential.
4. Anti-phishing code
A unique set of letters and numbers, anti-phishing codes help Binance users distinguish real Binance emails from fake phishing attempts. Once set up, you’ll find your unique code in the bottom right of every legitimate email from Binance.
5. API key security
All API keys at Binance are cryptographically secured via Ed25519, a specific instance of the Edwards-curve Digital Signature Algorithm (EdDsa) family of signature schemes. This ensures better performance and improved security via asymmetrical keys.
For APIs that have enabled permissions beyond “reading,” we require mandatory binding of IP whitelists. Doing so prevents hackers from exploiting a leaked API from the user side. Moreover, third-party brokers must also bind the IP whitelist limited by the broker when using Binance API to provide services.
Finally, we conduct surveillance on public third-party platforms on the Internet. When we discover potential API key leaks, we delete the API and notify users immediately.
6. Anti-ATO educational resources
In line with our Know Your Scam initiative, we recently introduced a new blog series, titled Stay Safe, to explore and discuss account takeover attacks.
Our goal is to increase awareness among users regarding the potential risks associated with storing sensitive information online and empower them to safeguard themselves against the increasing prevalence of ATO attacks.
Building a Secure Ecosystem
The Binance risk control team works around the clock to safeguard the Binance ecosystem — while ensuring a frictionless user experience — through a combination of advanced tools and measures. We’re always looking to improve our technology, products, and operations to serve our users best.
If you’ve fallen victim to a scam or a hacker, please contact law enforcement and file a report to Binance Support immediately. Binance works closely with law enforcement, and our cooperation regularly results in detections and seizures. While recovering your money is far from guaranteed, this is, in most cases, the only chance to retrieve the stolen funds.