Articles in this category

MEXC Note on Guarding Against Phishing Attacks

1. What is Phishing

Phishing is a criminal fraud in which criminals use various means to impersonate MEXC (website pages, customer service staff, etc.) to obtain sensitive personal information such as user names, passwords, funds and identification number.

 

2. Common Online Phishing Methods

Phishing methods mainly include phishing websites, SMS phishing, etc.

Phishing websites: The attackers carefully imitate and create a phishing website that has the same interface as the MEXC official website to deceive users. When the users click and enter the phishing website without paying close attention to the link, and submit the account password and other relevant information, the attackers have succeeded in the attack.

SMS phishing: Attackers pretend to be from the official platform and send enticing or misleading text messages to their target audience. These messages will normally prompt the users to click a link. Once the users accidentally click the link and submit sensitive information such as the account password, the attackers will be able to steal the information.

In common phishing attacks, the attackers may impersonate the platform’s customer service, create a phishing website, or send text messages and emails to the users. They would lure users into clicking a link or scanning a QR code with reasons such as clearing out, account upgrading, or funds at risk. Once information such as account password, verification code, and fund password is leaked, the digital assets in the account will be stolen immediately.

 

           mceclip0.pngmceclip1.png

          mceclip2.pngmceclip3.png

      

                                                           Example of phishing sites

     mceclip4.jpgmceclip5.pngmceclip6.png

                                                          Example of phishing SMS

3. How To Guard Against Phishing Attacks?

(1) Identify phishing websites, do not click unknown links, and log in on the official website to avoid password leakage which can result in loss of funds.
Official website: https://www.mexc.com/

(2) Raise security awareness. The platform account password should be different from other websites. Private keys and mnemonics should not be saved locally.

(3) Do not search for URLs using Google and other search engines. It is recommended that you manually enter the URL to log in. Look for the official MEXC website: https://www.mexc.com/

(4) Do not disclose account password and other information to anyone, especially your private key, etc.

(5) Set up an anti-phishing code:
You can set it by going to "User Icon - Security - Anti-Phishing Code". After the set up is completed, all future emails sent to you by MEXC will contain the anti-phishing code. If there is no anti-phishing code in the email, it is a scam email and you need to be vigilant.


Setting up on website:

 

    mceclip9.png

mceclip11.png

 

(6) If you receive any call/email/URL/Telegram from an “official personnel”, you can visit the official verification channel https://www.mexc.com/official-verify for verification.