Richard Teng, CEO of Binance, issued a strong message to the crypto community after the exchange had become aware of a different scam method by using fake customer service calls.
Scammers are allegedly posing as Binance support using spoofed phone numbers or VOIP to sound legit and believable, Teng stated in an X post.
These scammers convince victims that their Binance accounts are hacked, then scam victims to change their API (application programming interface) settings “for security reasons.”
When victims make the requested API changes, hackers take advantage of the broader API permissions to make withdrawals and send the money directly to their wallets.
Teng further added that Binance will never ask customers for credentials, passwords, or API changes to a user’s account over the phone.
A Deeper Explanation of How the Scam Operates
According to an announcement by Binance, they stated that the scam starts with what looks like a legitimate telephone call from a “official” Binance phone number.
At the other end of the call is someone calm and authoritative, who warns you of imminent security threats and tells you that you need to update necessary API permissions immediately.
As far as the unsuspecting user can tell, this appears to be just another one of the many Binance security features, but in reality, it is an attack vector for hackers.
With higher API permissions, criminals can circumvent the protection and transfer funds from customers’ accounts unnoticed.
The timing of this type of scam is especially harmful, as it usually occurs during the most active trading periods when customers are engaged with market activity.
Initial reports show tens of people being affected by this overall scam, and the potential losses are in the hundreds to even thousands of dollars.
Also Read: Australian Federal Police Warn Of Crypto Text Scam Impersonating Binance
Real-Life Impact on Users
For the victims, the impact of such scams is both financial and psychological.
Some users claimed wallet withdrawals in the thousands of USDT, with others shocked and feeling betrayed just after they learnt they were tricked into jeopardising their own accounts.
The victims were reassured they were being cautious in safeguarding their holdings, all the while, they undermined their security and opened the door for scammers.
These losses show not just the risks of crypto but how ill actors take advantage of moments of vulnerability in speed-of-matter markets.
Also Read: Binance Users Targeted by SMS Crypto Phishing Scams: How does it work?
Binance’s Countermeasures and Guidance
As a response, Binance has sent risk teams to track suspicious call patterns and malicious networks.
The exchange again stated that it will never initiate random unsolicited calls requesting account changes.
All legitimate communication is via the official Binance app, confirmed email addresses that end with “@binance.com,” or the Binance website.
Binance’s 24/7 support service has also been tasked to terminate stolen API keys and freeze accounts on reported suspicious activity instantly.
On top of these, Teng begged customers to activate two-factor authentication (2FA), use Passkeys for enhanced phishing protection, check API permissions frequently, and monitor account activity diligently.
Binance’s Record Against Fraud and the Future Ahead
This latest scam alert follows earlier anti-fraud efforts by Binance, highlighting the exchange’s ongoing battle to protect customers from sophisticated threats.
In April, UnoCrypto reported that Binance recovered and froze $217,000 for the victims of the SpireBit scam.
Just a month later, CEO Richard Teng warned against phishing scammers impersonating Binance support through Telegram and email, reminding individuals yet again of the importance of double-verifying all communication, UnoCrypto reported.
As Binance strengthens its defense, Teng asserted that customer awareness is still the best defense.
By being watchful, not sharing credentials on the phone, and communicating only via authorized channels, the community can close the door to such new threats.
Also Read: Binance Alerts Users To DEX Liquidity Risks After Spotting Suspicious Activity