Rise of Telephone Scams in Cryptocurrency
A recent article from Binance Blog sheds light on a troubling rise in telephone scams within the cryptocurrency sector, specifically targeting users to alter their API configurations for nefarious ends. The piece serves as a crucial resource for users, aiming to raise awareness about these scams and provide actionable steps to enhance their account security.
Understanding the Scams
In 2025, a surge of impersonation scams has infiltrated the crypto landscape, exploiting trust to illicitly access users’ funds. Typically, these scams start with a fraudulent phone call appearing to be from customer support. Scammers pressure users into modifying their API settings under the pretense of urgent security updates. These changes enable scammers to siphon off funds directly into their wallets, leaving victims unaware of the impending threat.
Binance’s team of risk analysts is focusing on this growing concern, where prevention through user vigilance is deemed the most effective defense.
Exploitation of API Settings
The scammers exploit the API (Application Programming Interface), which facilitates automated trading and account oversight, convincing their targets to grant extensive permissions, such as enabling withdrawal capabilities. This type of manipulation can give attackers almost complete control over the account, as these modifications seem to originate from the user’s device—thereby circumventing initial security protocols and leaving the account at risk.
Social media platforms have become a ground for distressed users to share their experiences, many of whom have faced drained accounts and dubious calls, raising alarm throughout the crypto community.
Impact on Victims
The ramifications of these scams are dire, with initial reports suggesting that several users have fallen prey, suffering losses that range from several hundred to multiple thousands of USDT in cryptocurrency. The emotional toll is also significant, with victims expressing feelings of shock and betrayal, believing they were acting in their own interest to secure their assets.
Notably, these scams intensify during peak trading periods, such as the one occurring in late July, as users are often preoccupied with lucrative trading opportunities rather than potential threats.
Binance’s Response
In response, Binance is taking a proactive stance against these threats, employing threat analysis to track suspicious call patterns and API exploitation. They emphasize that legitimate communication from Binance will never involve unsolicited phone calls requesting security changes; all updates will be conveyed through official channels such as the app, email, or the company website.
Additionally, their 24/7 support team is prepared to retract compromised API keys and suspend accounts in response to any reported suspicious activity.
Protecting Your Account
To fortify your Binance account from these fraudulent schemes, it is advisable to:
- Activate Two-Factor Authentication (2FA) via the Binance app or a hardware security key, which ensures additional verification is required for withdrawals—even if the API has been compromised.
- Utilize Passkey, an advanced security feature available through the Binance app that offers resistance to phishing attacks.
- Validate communications and refrain from modifying API settings based on unsolicited contacts.
- Keep API settings secure by limiting withdrawal access and rotating keys frequently.
- Regularly monitor account activity and establish alerts for withdrawals to help detect unauthorized actions early.
Users are encouraged to educate themselves using Binance’s resources and report any suspicious calls immediately.
Conclusion
In summary, the growth of fraudulent support calls highlights the necessity for users to remain alert as their primary defense against these scams. By strictly adhering to official Binance communication methods and refusing to amend API settings based on external prompts, users can safeguard their accounts effectively. Incorporating additional protections, like passkeys and hardware-based 2FA, significantly bolsters defenses against impersonation attempts. Binance will continue to track threats and enhance tools to protect users, but ultimately, a mix of user diligence and platform security is the most robust way to combat scammers.