Slippery scammers are targeting cryptocurrency rookies with fake landing pages for popular exchange desks – including leading platform Binance – that have been deliberately designed to appear like the real thing.
Once a user has wound up on one of these fraudulent pages, all clickable links have been programmed to forward visitors to the official Binance website, but through an affiliate URL. While it appears the fake pages aren’t seeking to steal your credentials, it is advisable to practice extreme caution in case you end up on one.
Unlike the official page, the illegitimate Binance copycats use a technique known as Punycode which allows them to “represent Unicode within the limited character subset of ASCII.” Leveraging this method, the malicious domain ‘xn--inance-hrb.com’ could be displayed as ‘ƅinance.com.’
You can see how that could be confusing to newcomers – and some less technical crypto-traders in general.
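To make the trick concrete, here is an added example (not code from the article or from Binance) that decodes the `xn--` form of a domain and flags labels whose non-ASCII characters imitate a protected brand name. The `CONFUSABLES` map, the `WATCHLIST` and the function names are constructed for illustration.

```python
import unicodedata

# Constructed, deliberately tiny look-alike map (assumption: production code
# would load the full Unicode confusables data instead).
CONFUSABLES = {
    "\u0185": "b",  # LATIN SMALL LETTER TONE SIX, the character in the article
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u0456": "i",  # CYRILLIC SMALL LETTER BYELORUSSIAN-UKRAINIAN I
}
WATCHLIST = {"binance"}  # constructed list of brand labels to protect


def decode_label(label):
    """Return the Unicode form of one DNS label (decodes the xn-- prefix)."""
    label = label.lower()
    if not label.startswith("xn--"):
        return label
    try:
        return label[4:].encode("ascii").decode("punycode")
    except UnicodeError:
        return label  # malformed Punycode: keep the raw label for review


def skeleton(label):
    """Replace known look-alike characters with the ASCII letter they imitate."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in label)


def check_domain(domain):
    """Return (display_form, findings) for a domain as it appears on the wire."""
    labels = [decode_label(part) for part in domain.rstrip(".").split(".")]
    findings = []
    for label in labels:
        odd = [ch for ch in label if ord(ch) > 127]
        if odd:
            plain = skeleton(label)
            findings.append({
                "label": label,
                "non_ascii": [f"U+{ord(c):04X} {unicodedata.name(c, 'UNKNOWN')}" for c in odd],
                "imitates": plain if plain in WATCHLIST else None,
            })
    return ".".join(labels), findings


if __name__ == "__main__":
    # The article's look-alike domain and the real site
    for name in ("xn--inance-hrb.com", "binance.com"):
        print(name, "->", check_domain(name))
```

A mail gateway, proxy log pipeline or browser extension can run the same check on every hostname it sees and alert when `imitates` is set.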
One way to spot fake pages is by checking the certificates in the upper left corner of your browser. It is worth noting that some more advanced techniques are known to make it damn near impossible to tell apart real from fake set-ups – so take this tip with a grain of salt.
Another detail we noticed is that fake pages don’t seem to update the exchange rates in real-time like the legitimate Binance site does. There is also a poorly placed ‘Sign up first’ button right in the middle of the illegitimate copycats.
For what it’s worth, the person behind this shenanigan is using the following affiliate account number: 10115320.
The official Binance Referral Program says that affiliates will receive 50 percent of the trading fees of any signees they’ve brought to the exchange desk.
For those unfamiliar, affiliate programs are a convenient way for companies to enlist third-party ‘partners’ to recruit new users. Such ‘partners,’ who can be almost anyone, receive a small cut of every transaction done by users who signed up through them.
“The fee commission will be sent instantly in real-time to your Binance account as your referee completes each trade and will be paid to you in whatever token/cryptocurrency the original fee was paid in,” its terms read.
TNW has reached out to Binance to inform them of this suspicious activity. We will update this post accordingly once we hear back.
The fraudulent sites were first spotted by Redditors, who claim they accidentally landed on one of them while browsing Google. Following members urging fellow posters to report the malicious page for phishing, it appears the Big G has since removed the copycats from Search.
This is hardly the first time attackers have attempted setting up fake pages to make profits from unsuspecting crypto-enthusiasts.
Back in September last year, exchange desk Bitfinex took to Twitter to warn its users that attackers have made a phishing website that closely resembles the official service.
Be aware: a phishing website is online that closely resembles https://t.co/VJg06pe7uT The attackers are using domain bitfienex-com
— Bitfinex (@bitfinex) September 19, 2017
Given that Binance has swiftly established itself as one of the world’s leading exchange desks in the brief six months since it launched back in July 2017, it is hardly surprising attackers have taken aim at the company’s fast-growing user base.
As per Coin Market Cap, Binance processed the largest amount of exchange requests in the past 24 hours, boasting a total trading volume of over $7.5 billion.
Published January 4, 2018 — 15:08 UTC