Recent events around one of the world’s largest cryptocurrency exchanges Binance sound threatening. CFTC, the U.S. regulator of commodity futures trading, charged the company with allegations of violating numerous acts and regulations. This platform is used by a huge number of people, and any service outages or problems with wire outs as the result of this lawsuit may create mass panic. In fact, the community is already buzzing like a kicked beehive. Hackers never disdain using it — so it is estimated to see a wave of various scam approaches that have the only target: money.
What happened to Binance?
On March 27, 2023, Binance was charged by Commodity Futures Trading Commission for consistently violating its regulations for preventing money laundering and terrorism financing. As the note released by CFTC says, Binance employees were guided by the company’s CEO, Changpeng Zhao to ignore the rules set by CFTC. The latter supposes uncovering the real identity of their customer in order to prevent misleading and following laundering. That thesis is partially confirmed by the fact that throughout the entire 2022, no suspicious activity reports were made.
Defendants’ alleged willful evasion of U.S. law is at the core of the Commission’s complaint against Binance. The defendants’ own emails and chats reflect that Binance’s compliance efforts have been a sham and Binance deliberately chose – over and over – to place profits over following the law, — Gretchen Lowe, CFTC’s Enforcement Division Principal Deputy Director
Currently, Binance is just amidst a huge scandal, which, however, does nothing to disrupt the operation flow. Still, the trial is ongoing, and the situation may change in the future. If the evidence possessed by the accusing party is proven true, the platform may have serious consequences.
First and foremost, regulators can ban Binance from the U.S., cutting a significant portion of its money flow. That ban will likely forbid the banks to wire transactions with the organisation. It will be painful, but not impossible to withstand – the US share is not that big. However, if things get worse, US authorities will ask European banks to do the same. Cutting off over 50% of the user base in a single move is deadly for pretty much any company.
What to expect?
The scale of possible scams may easily overwhelm the similar outbreak that happened following the SVB bankruptcy in early March. Hackers were sending emails pretending to be bank representatives or legal agents, offering their help in saving money held in the ceased bank. This time, however, the vast majority of targets are regular folks, who are much less aware of scams. Moreover, people are much more likely to interact with emails they receive – and cybercriminals know that.
There is, however, a difference between the case of SVB and Binance. Bankruptcy means a complete suspension of all operations – in simple words, you cannot get your money back. Ban in a certain country makes it troublesome, but not impossible. Still, it may be less obvious for people who are not so well acquainted with all the procedures. Moreover, folks mostly have no “plan B” for such a situation. That will be the bearing point of crooks.
Nature abhors a vacuum. If Binance is gone, there are a number of other platforms offering hot wallets and easy investments. But aside from well-known names, others will pop up, offering unbelievably good terms. And for sure, it is better to remain incredulous.
The classic scheme here is offering a service to people who escaped from Binance, taking their money and leg it. These “alternatives” will likely be offered in advertisements all over the Internet, as well as on forums. Alternatively, crooks can perform classic email spamming campaigns, targeting the emails from databases related to a breach that happened back in 2019.
Typically, users will be offered bonuses at wire-in, miserable commissions per transaction, or even leverages for trading. Links, wherever they are placed, will lead to a freshly-created website that has small to no information about the service. Instead, the site will blink with numerous offers to create an account and top it up as soon as possible. Once done, you will never see your money back. This fraud may also fill the databases with personal information you share during the registration.
Wireout help offers
This type of scam may be conjoined with the previous one but requires contacting the victim. Crooks reach the victim via email, offering to migrate seamlessly to their platform. This message can also contain convincing statements about the partnership with Binance regarding their customers. Hackers may even impersonate a well-known exchange – to lull the vigilance. However, the link they will provide to proceed leads to the same poorly-made website.
At this point, things are getting more interesting. Instead of just taking your money, fraudsters can also ask the address of a Binance hot wallet and a cold wallet. This, in turn, exposes your identity even more – and may be threatening to your funds’ safety.
What can be the most classic example of an email scam? Email messages that pretend to be ones from a genuine company. Scams related to SVB bankruptcy were generally of this sort, and now the story may repeat itself. Hackers will pretend to be the company that wants to help with wire out or other operations. Alternatively, if nothing bad happens to Binance, the legend may switch to “insure your account” stuff. This scam may take place in social media as well.
Routinely, you should log into your account by following the link added to a message. But oops – this link leads to a phishing copy of a Binance login page. This ends up with losing access to your account, which is suboptimal even in the case of troubles.
What can I do?
First of all, it is just an attempt to predict upcoming cases. If nothing happens – great; pessimistic predictions are always good when they do not come true. However, the threat of malware and phishing scams on email is as actual as never before. Following basic cybersecurity rules is a go-to advice for all cases.
Be suspicious of all the emails you receive. Check the email addresses, read the message body carefully – they can contain the signs which will uncover the attempt to scam you. Hackers do their best in mimicking the original messaging style of the companies, but cannot repeat all the details. Why do they call me “Dear user” instead of my name? And why does the sender’s email resemble a single-use one registered on a quick email box service? Notice details of this small – and any attempts to scam you will go naught.
Control social media messages. Using accounts that mimic the company one’s crooks can outreach people with relevancy. We are used to sharing a lot of information about ourselves on social networks, thus it is not a tough question to find out if you are using Binance or not. In Twitter, after the recent changes in its administration, it became even easier to counterfeit official accounts. Acting as support managers, they can easily deceive a huge number of people.
Do not trust links on the Internet. Wherever you find them – in emails or in someone’s forum post, they should not be trusted. They may look legitimate, but don’t be haste with typing your credentials or other sensitive data. First, check the URL address: if it contradicts with the contents (i.e. 1281300913.weebly.com and a PayPal login page) – close it immediately. Crooks are extremely good at copying login pages and setting up phishing traps for unsuspecting users.