With the prevalence of crypto investment, security is what matters most in the industry. Due to the unique features of digital assets, such as privacy, anonymity and decentralization, it’s unlikely to recover your assets once you fall victim to fraudulent schemes.
In this article, we list some common scam tactics to help you better understand and avoid scams.
Common scam tactics
1. Pose as CoinEx official support in social media groups and DM you first
2. Contact you through a fake email address, unofficial SMS channel, or fake phone number
3. Clone CoinEx official website/App
4. Advertise fake events or investment projects
5. Set up fake Wi-Fi hotspots to steal personal information
Fake customer service or staff in social media groups
1. When the official CoinEx administrator posts messages, there is an “Administrator” or “Admin” logo in the upper right corner. Please pay attention to this identifier.
2. CoinEx admin will NEVER do the following under any circumstances:
(1) DM you first
(2) ask for your account credentials, such as the password and 2FA code
(3) ask you to transfer cryptos to other addresses or accounts that do not belong to you
3. Anyone, who approaches you on social media, and offers to help you unlock your account or reset security features, is a scammer. If you have any concerns, please submit a ticket to contact us.
Fake CoinEx emails, text messages, phone calls, etc.
1. Email/SMS phishing
(1) Always double-check the "sender/contact" of your email/SMS. If you have any doubts, avoid clicking on any unknown links or downloading attachments, which may expose your account credentials and cause financial losses. If you encounter phishing attacks, please contact us in time to prevent harm to other users.
(2) It is strongly recommended that you add the following official CoinEx email addresses to your email whitelist:
support@coinex.com (Customer Support)
noreply@mail3.coinex.com (Verification code and system notification)
noreply@mail.coinex.com (Verification code and system notification)
noreply@news.coinex.com (Activities and information push)
2. Phone scams
CoinEx does not have any phone call channels. Anyone who calls you and poses as CoinEx official support is a scammer. You can use CoinEx's official verification tool to authenticate the legitimacy of any channel claiming to represent CoinEx. If you find any suspicious activities in your account, please contact us in time.
Cloned CoinEx official website/App
1. The ONLY CoinEx official website is https://www.coinex.com. Please ONLY visit this website for CoinEx service. If you have any questions, please contact us to verify the legitimacy.
2. Please download CoinEx App from trusted sources. It is recommended that you download CoinEx App from CoinEx official website https://www.coinex.com. If you download CoinEx App from App Store or Google Play Store, please check the provider’s information carefully.
Fake CoinEx advertisement online
1. Fake events
Any site events hosted by CoinEx will be announced in our Announcement Center. You can also check CoinEx community pages for updates on upcoming events. If you have any questions, please feel free to contact us.
2. Fake investment projects
Please do not believe in any promotional activities that promise huge profits with small investments. If you come across any fake investment projects, please contact us in time to prevent more users from getting deceived.
Fake Wi-Fi hotspots
Hidden programs in fake public Wi-Fi networks can pose varying degrees of risk to personal information security.
Low-risk: Tampering with web pages to display spam messages or inserting hidden links that trigger malicious promotions or ad fraud.
Medium-risk: Controlling your network through DNS hijacking or ARP attacks. DNS attacks can manipulate your internet access, disrupting your network or redirecting you to malicious sites. While the specifics of ARP attacks may vary, the end result is quite similar – network disruption.
High-risk: Exposing personal information like usernames, passwords, and bank account credentials. Additionally, hackers may try to phish for sensitive information such as your name, gender, and workplace, which can be used to carry out highly targeted scams.
For more security tips, please refer to Introduction to Account Security and Principles.