A prominent Web3 specialist, Joe Zhou, has raised awareness regarding an SMS spoofing scam targeting Binance users. The expert shared insights on the fraudulent scheme through a LinkedIn post, where he recounted his personal experience of losing approximately $200 in cryptocurrency due to the attack.
Zhou detailed how he fell victim to the scam after receiving a fraudulent security alert via SMS on his registered Binance number. The message falsely claimed that an unauthorized login had been detected from Pyongyang, North Korea. Additionally, it included a contact number for immediate assistance, prompting him to respond in a state of urgency.
Manipulative Tactics Used by Scammers
The timing of the incident contributed to Zhou’s concern, as it coincided with a high-profile $1.46 billion attack on the Bybit exchange. Investigations had pointed to the Lazarus Group, a notorious North Korean hacking syndicate, as the entity responsible for the Bybit breach.
Acting on impulse, Zhou dialed the number provided in the SMS, unaware that he was engaging with a scammer posing as a Binance customer service representative. The fraudster, who spoke with a British accent, instructed him to create a SafePal Wallet, under the pretense of securing his assets.
The scammer further pressured Zhou into transferring his cryptocurrency holdings from Binance to the newly set up SafePal Wallet, citing an ongoing investigation into his account. Compliance with these instructions led to the loss of his funds. Soon after, he realized the deceptive nature of the transaction and sought assistance from Carlos Mak, a Binance employee, who confirmed that he was being defrauded.
The Chase for Stolen Funds
Upon realizing the scam, Zhou attempted to retrieve his assets from the SafePal Wallet. However, the fraudster noticed his activity, leading to a frantic contest over control of the funds. His attempt to convert some ERC-20 tokens was halted due to insufficient gas fees. Interestingly, his wallet received a small amount of ETH unexpectedly, but as soon as he proceeded with the transaction, the targeted asset was immediately drained by the scammer. Ultimately, he suffered a financial loss of $200 in an unspecified ERC-20 token.
Following Zhou’s disclosure, multiple Binance users reported experiencing similar fraudulent messages. The growing trend of SMS spoofing scams in the crypto industry has raised significant concerns. This deceptive tactic involves altering sender IDs or manipulating SMS gateways associated with crypto platforms to make fraudulent messages appear legitimate.
Importance of Vigilance in Crypto Security
As these malicious schemes become more prevalent, it is essential for users to remain cautious and verify the authenticity of any messages demanding urgent action. Conducting due diligence and avoiding impulsive responses to security alerts can help mitigate the risks associated with such scams.
