Recently, we have received multiple reports of phishing, and it is not uncommon for fraudsters to fake CoinEx customer support on Telegram. These fraudsters usually lie that they can help the victims retrieve security tools such as 2FA, thereby defrauding the victim's CoinEx account information. After users provide their private information to fraudsters, their accounts are stolen, resulting in asset loss that cannot be recovered.
🎣 What is Phishing Attack?
Phishing attacks are a method of fraud that is mainly spread and implemented on the Internet. Taking advantage of people's psychological weaknesses such as instinct, curiosity, trust, and greed, fraudsters will fake CoinEx through malicious links or software to steal the victims' account username, password, 2FA and other sensitive information, thereby stealing users' assets. Common phishing attacks include:
- Fake CoinEx official website or App
- Fake CoinEx Email baiting
- Instant message with a malicious link
- Social websites with manipulated or fake CoinEx links
- Chat with impersonated CoinEx support/official staff
- Fake CoinEx hotline or support in the search engine, etc
- Malware downloaded from the internet
- Free Wi-Fi phishing
🛡️ How to prevent phishing attacks?
1. Do not trust anyone who contacts you and attempts to obtain your account information:
CoinEx will not chat with you first through chat tools. All CoinEx official contact channels (eg. Telegram, Email) can be verified via CoinEx Official Verification Channel.
2. Do not log in to your CoinEx account through other websites:
Download CoinEx App through official channels (https://www.coinex.com) to log in to your account.
3. Do not click on any unknown links:
No links will be attached to messages sent by CoinEx official SMS channel.
4. Set up an Anti-Phishing Code. Do not share your Anti-Phishing Code with others.
For instructions, please refer to What's Anti-Phishing Code and How to Set it Up.
5. Keep your accounts isolated:
Use a unique Email and a completely different password for every account.
6. Keep your 2FA activated:
For instructions, please refer to How to Bind 2FA (Two-factor Authentication).
7. Install firewall and anti-virus software to keep the online environment safe.
When your mobile phone is connected to unsafe Wi-Fi, your private information, including account username, password, and other sensitive data will be leaked.
🤝 Joint efforts in phishing attack protection
1. Stay vigilant
- Attend to the details: A spoofed message often contains subtle mistakes such as spelling mistakes, strange syntax, unsmooth words, misspelled domain names, etc. Make it a habit to check links, hover your mouse over the link to see if the domain name is normal.
- Attend to privacy protection: CoinEx support and staff will NEVER ask you for any of your account and password information. Do not disclose your personal account information to others.
- Attend to phishing prevention: The attackers will usually try to push users into action by creating a sense of anxiety, pressure, urgency, or even a threat. Stay calm to avoid property loss.
2. Multiple pre-cautions
- Always upgrade Google Chrome or Mozilla Firefox to the latest version. Google Chrome or Mozilla Firefox will warn users of phishing or unsafe high-risk website.
- Keep your systems/apps updated to avoid security bugs. Install anti-virus software and keep it up to date.
- Check the official website address https://www.coinex.com every time you open it.
3. Stop loss in time
After being contaminated by phishing emails/malware, remember to change your login password and 2FA in time, disconnect the contaminated device from the network, and perform a full antivirus scan.
For account theft/asset loss, etc., you are strongly advised to contact CoinEx official customer service for help. Please submit a ticket to contact CoinEx customer service as soon as possible.
🙋 Reporting phishing to CoinEx
When entering any suspicious phishing sites, please submit a ticket to contact CoinEx customer service.