CoinEx Introduction: Anti-Phishing Protection for Enhanced Account Security
In 2020, the US crypto exchange Kraken alerted users that scammers were pretending to be Kraken employees and defrauding Kraken users in the name of “project cooperation”. Kraken also said that scams in the crypto community have grown more sophisticated, with scammers sending fake emails to users via seemingly legit domain names. This technique is called Punycode, which tries to deceive users by replacing one or more characters in the URL with similar-looking characters from another character script.
As one of the primary cyber frauds, phishing attacks are often conducted through emails, text messages, social media, URL advertisements, etc. Hackers will try everything to package themselves as exchange staff to steal sensitive user information, such as login passwords, Google Authenticator codes, etc.
Cyber frauds and phishing attacks are on the rise. According to a report by PhishLabs, a cyber-threat intelligence company, phishing attacks targeted at users of crypto exchanges have increased by 22% in the first 6 months of 2021.
CoinEx strives to provide secure, convenient, and stable services of crypto trading services, with a focus on security. Despite the exchange’s efforts to maintain account security, users should be more aware of cyber frauds and minimize potential security risks. That said, how can users protect themselves against phishing and make their accounts safer? Let us go through the following eight steps to better protect your account.
1. Make sure you are using the official CoinEx website and APP
According to the relevant data, 47.5% of the detected phishing attacks use brand impersonation techniques. With this, hackers confuse customers with misleading messages that lead them to click on malicious links and transfer their cryptocurrencies.
The second most common phishing attack is to edit the source code of a webpage and add fake links to it. According to PhishLabs, more than 39% of attacks derive from source code copies.
Therefore, users should make sure they are trading on the official CoinEx website and APP (official website: https://www.coinex.com/)
2. Register CoinEx accounts with secure and new emails
Email is an important user credential. To a certain extent, registering a CoinEx account with a new email address (one that has not been registered on other websites) can avoid credential stuffing due to email leakages. Credential stuffing is a type of cyberattack in which stolen account credentials, typically consisting of lists of usernames and/or email addresses and the corresponding passwords (usually acquired via data leaks), are used to gain unauthorized access to user accounts through large-scale automated login requests directed against a web application.
To guard against credential stuffing, users should keep track of the email address used for registration and, more importantly, check the email security settings regularly.
3. Create secure passwords and change your password regularly
Users should create a complex password with a high security level for their CoinEx accounts and carry out regular changes. In this respect, password managers such as LastPass or KeepPass can help you manage the passwords with ease.
4. Activate 2FA
2FA (2 Factor Authentication) is a secure password authentication method in which a user is required to enter the secondary authentication code in addition to the password when logging in. 2FA now available on CoinEx covers SMS verification and Google Authenticator. CoinEx recommends the activation of 2FA functions for enhanced security protection.
5. Do not click on links from unknown sources or suspicious email attachments
Attackers normally steal account information through malicious links or attachments that contain viruses. If you received information from unknown sources, please be careful and avoid clicking on any link or attachment before having confirmed that the information is from CoinEx.
6. Make your phones and computers more secure
Data breaches due to the loss of devices can be avoided by enabling password protection or biometric protection on phones and computers. While the installation of antivirus software is preferred, users should not download any software from unknown sources to avoid virus attacks. In addition, before connecting your device to public networks, you should always first consider trusted networks.
7. Keep track of your account information without any disclosure
Bear in mind: CoinEx will never ask you for passwords, authentication codes, or other account information, so please keep track of your account information and do not disclose it to anyone. All information from CoinEx is subject to official announcements. If your account is abnormal, please contact CoinEx as soon as possible.
8. Set up an anti-phishing code for enhanced account security
The anti-phishing code is a security feature provided by CoinEx, which allows users to add a personalized anti-phishing code to their accounts to strengthen account security. After the anti-phishing code is enabled, the content of the email sent by CoinEx will contain the anti-phishing code you set, which can identify whether the received email is from the official CoinEx website to prevent phishing scams.
How to set up the anti-phishing code?
8.1 Log in to your account, click [Account Settings] from the menu of [Account];
8.2 Once you entered the page of Account Settings, click [Settings] on the right of Anti-phishing Code;
8.3 Click [Send code] and enter [Email verification code] sent to your registered email, then click [Next] to complete the setup. Note: Please create an anti-phishing code you can easily identify;
8.4 After successful set-ups, emails sent by CoinEx will contain the anti-phishing code you set, which can identify whether the received email is from the official CoinEx website. Note: Please do not disclose your anti-phishing code to anyone, including the CoinEx customer service.
Go ahead and complete the above steps for extra protection against phishing attacks.
