HKCERT Security Tips: Verify the Source of SMS with Caution to Guard Against Phishing Attacks from Bogus Cryptocurrency Exchanges

(Hong Kong, 18 May 2022)  Hackers recently impersonated the cryptocurrency exchange Binance to send out phishing SMS. It said that due to the regulations of the encryption authority, users are required to log in to update their accounts and activate the Wallet Direct function to ensure the normal use of the accounts (Figure 1).

After clicking the link in the SMS, users will be redirected to a fake currency exchange web page that lures users to enter their login information (Figure 2). Once the hackers have obtained the data, they could login to the users’ accounts to steal cryptocurrencies.

Figure 2a.  Fake login page of cryptocurrency exchange Binance Figure 2b.  Genuine login page of cryptocurrency exchange Binance




As a local information security expert, the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council recommends users to check the source before opening the SMS link and to go to the official website to verify. Also, they should be vigilant upon receiving requests to provide personal information to avoid being deceived.

For more information about attacks relating to cryptocurrencies and ways to protect them, please click the following link:

For information security related incidents, for example, ransomware, phishing, denial of service attack, etc., please report to HKCERT through its online Incident Report Form at For other information security-related questions, please contact HKCERT by email: or call its 24-hour hotline: 8105 6060.

Check Also

Connecting Camera Enthusiasts: Nikon India Launches ‘My Nikon’ App, Tailored for the Community of Camera Lovers

“Seamless Access, Loyalty Rewards, and Personalized Recommendations Awaits Users” “Empowering Customers with Comprehensive Features and …