
How to Detect Binance Phishing Websites

Among the top 10 results when searching for "Binance," there are often 3-4 phishing websites. These fraudulent sites look nearly identical to the official one, and entering account credentials on them results in immediate account hijacking. This article provides five rigorous methods for telling genuine Binance websites from fake ones, enabling users to determine the authenticity of any link within 30 seconds. To download the official client, visit the Binance Official Website directly. For mobile devices, use the Binance Official App. iPhone users can refer to the iOS Installation Guide to complete the installation.

Official Binance Domains

It is sufficient to remember this whitelist:

| Purpose | Official Domain |
| --- | --- |
| Global Main Site | binance.com |
| US Site | binance.us |
| Japan Site | binance.co.jp |
| Singapore Site | binance.sg (Formerly used, migrated) |
| Content Community | academy.binance.com |
| Official Blog | blog.binance.com |
| BNB Smart Chain Explorer | bscscan.com |
| Official Email Domains | @binance.com / @post.binance.com |

All other domains containing the word "binance" are counterfeit sites, including but not limited to:

  • binance-cn.com
  • binancee.com
  • binance-login.com
  • binance-app.net
  • binance.vip
  • binance.io
  • web-binance.com
  • my-binance.com
  • binance-pro.com

Five Common Tactics of Phishing Websites

Tactic 1: Character Replacement

Replacing letters in "binance" with look-alike characters:

  • bınance.com (i replaced with Turkish dotless ı)
  • blnance.com (i replaced with l)
  • binance.co (.co instead of .com)
  • biŋance.com (n replaced with ŋ or a Greek character)

This type of "IDN homograph attack" is visually almost indistinguishable in the browser address bar.

Tactic 2: Subdomain Confusion

  • binance.com.fakesite.com
  • login.binance.scamdomain.net
  • secure-binance.phishing.xyz

The main domain is always the rightmost two segments. For example, the main domain of "xxx.binance.com" is binance.com, while the main domain of "binance.xxx.com" is xxx.com—which indicates a fake.
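The whitelist and Tactics 1 and 2 can be combined into one hostname check. The following is an added example, not code from this page or from Binance: it matches the end of the hostname against the whitelist instead of counting segments, because whitelisted domains such as binance.co.jp have a three-label main domain. The `FOLD` look-alike map and the `classify` name are assumptions of the example.

```python
from urllib.parse import urlsplit

# Web domains from the whitelist table on this page.
OFFICIAL = ("binance.com", "binance.us", "binance.co.jp", "binance.sg",
            "academy.binance.com", "blog.binance.com", "bscscan.com")
# Constructed heuristic (an assumption of this example): fold ASCII
# look-alikes so that "blnance" or "b1nance" reads as "binance".
FOLD = str.maketrans({"l": "i", "1": "i"})

def classify(url):
    """Return (verdict, reason); verdict is 'official', 'reject' or 'unknown'."""
    if "//" not in url:
        url = "//" + url              # treat bare "host/path" input as a netloc
    try:
        host = (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:
        return "reject", "unparseable URL"
    if not host:
        return "reject", "no hostname"
    # Tactic 1: a non-ASCII or punycode label can hide a homograph.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return "reject", "non-ASCII or punycode label"
    # Tactic 2: the hostname must BE a whitelisted domain or END with
    # "." + that domain; the leading dot keeps "notbinance.com" out.
    for dom in OFFICIAL:
        if host == dom or host.endswith("." + dom):
            return "official", dom
    # Brand name (or an ASCII look-alike) on any other domain.
    if "binance" in host.translate(FOLD):
        return "reject", "brand name on a non-whitelisted domain"
    return "unknown", "not on the whitelist"

# Constructed inputs based on the examples listed on this page.
SAMPLES = ["https://www.binance.com/en/login", "https://binance.co.jp/",
           "binance.com.fakesite.com", "login.binance.scamdomain.net",
           "secure-binance.phishing.xyz", "https://bınance.com/",
           "blnance.com", "binance.co", "binance-login.com"]

if __name__ == "__main__":
    for s in SAMPLES:
        verdict, reason = classify(s)
        print(f"{verdict:8} {s}  ({reason})")
```

An "unknown" verdict only means the hostname is unrelated to the whitelist, not that the site is safe.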

Tactic 3: Advertisement Placement Hijacking

Attackers bid on the keyword "Binance" in search engine advertisements so that their ad ranks higher than the official website. Clicking it leads to a completely cloned UI, but the address bar shows a fake domain.

The first result in Google and Bing searches is frequently a phishing advertisement.

Tactic 4: QR Code Replacement

Attackers distribute "Binance Download" QR codes in WeChat or Telegram groups; scanning them leads to a phishing site or a Trojan APK.

Tactic 5: Email Link Phishing

Attackers impersonate Binance and send emails with subjects like "Abnormal Account Activity," "KYC Pending Review," or "Withdrawal Rejected." The links inside point to phishing sites.

Five Methods to Quickly Verify Authenticity

Method 1: Type the Domain Directly, Avoid Clicking Links

Develop the habit: Always manually type binance.com in the browser address bar. Do not access it via any search results, emails, chat messages, or QR codes.

Method 2: Save the Official Site as a Bookmark

After confirming the genuine official website for the first time, add it to bookmarks immediately. Access it via the bookmark every time thereafter, bypassing search engines.

Method 3: Check the SSL Certificate

Click the lock icon on the left side of the address bar and check who the certificate was issued to:

  • The certificate of the genuine official website is issued to Binance Holdings Limited or *.binance.com by well-known CAs like DigiCert or GlobalSign.
  • The majority of fake websites use free Let's Encrypt certificates, and the certificate subject is merely a domain string.

A free certificate does not necessarily equal a fake site, but the real Binance definitively uses a paid EV or OV certificate.

Method 4: Verify the Anti-Phishing Code

This is the most rigorous method. If the Anti-Phishing Code has been enabled on Binance, all authentic Binance emails will automatically include this code.

  • No Anti-Phishing Code in the email → Phishing
  • Incorrect Anti-Phishing Code → Phishing
  • Correct Anti-Phishing Code → Authentic

Users who have not enabled the Anti-Phishing Code should enable it immediately (in Security Center → Anti-Phishing Code).

Method 5: Reverse Verification of QR Codes

The official Binance App download page features a dynamic QR code that changes with every refresh. If a QR code is a static image and frequently appears in various groups, it is 100% a phishing attempt.

How to Identify Fake Apps on Mobile Devices

Fake Binance Apps are typically distributed through the following channels:

  • "Latest Binance Version" installation links in chat groups
  • APKs that fake websites guide users to download
  • Counterfeit Apps in third-party application markets
  • Various "Binance Pro" or "Binance Plus" apps containing the word "Binance"

Correct Download Portals

  • iOS: Search for "Binance" in the US/Japan/Hong Kong App Store (not available in the Mainland China region).
  • Android: Search for "Binance" on Google Play, or download the APK from the official website.
  • Official APK: Download strictly from binance.com/download.

Verifying APK Authenticity

Use the following methods to verify after downloading the APK:

  1. Check if the file size matches the official specification.
  2. Compare the SHA-256 hash value.
  3. Inspect the APK signature certificate fingerprint.

The signature certificate information of the genuine official APK is fixed. Any modification by a third party will alter the APK signature.
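The three checks above can be scripted as follows. This is an added example, not code from this page or from Binance; the function names are hypothetical, and the expected size, SHA-256 hash and certificate fingerprint must be copied from the official source, since this page does not list them. The certificate text is what the Android SDK's `apksigner verify --print-certs <apk>` prints.

```python
import hashlib
import hmac
import os
import re

def norm(hexstr):
    """Lower-case a hex digest and drop ':' or space separators."""
    return re.sub(r"[^0-9a-f]", "", hexstr.lower())

def file_sha256(path, chunk=1 << 20):
    """Hash the file in 1 MiB chunks so a large APK is never held in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def signer_fingerprints(print_certs_output):
    """Signer certificate SHA-256 digests found in apksigner's text output."""
    pat = r"^Signer #\d+ certificate SHA-256 digest:\s*([0-9A-Fa-f:]+)"
    return {norm(m) for m in re.findall(pat, print_certs_output, re.M)}

def verify_apk(path, want_size, want_sha256, print_certs_output, want_cert):
    """Return the list of failed checks; an empty list means all three passed."""
    failed = []
    if os.path.getsize(path) != want_size:                        # step 1
        failed.append("size")
    if not hmac.compare_digest(file_sha256(path), norm(want_sha256)):  # step 2
        failed.append("sha256")
    # Step 3: every signer must be the expected certificate, with no extras.
    if signer_fingerprints(print_certs_output) != {norm(want_cert)}:
        failed.append("signer certificate")
    return failed

if __name__ == "__main__":
    import sys
    # Usage: script.py APK SIZE SHA256 CERT_SHA256 < apksigner-output.txt
    apk, size, sha, cert = sys.argv[1:5]
    bad = verify_apk(apk, int(size), sha, sys.stdin.read(), cert)
    print("OK" if not bad else "FAILED: " + ", ".join(bad))
    sys.exit(1 if bad else 0)
```

A repackaged APK can be padded to the original size, so the hash and signer checks carry the weight; the size check only catches crude tampering early.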

Actions to Take if a Phishing Site is Visited

If Only "Glanced At"

Simply closing the page is sufficient; there will be no impact.

If Account Credentials Were Entered

Execute the following actions immediately:

  1. Open the genuine binance.com and change the login password.
  2. Force all devices to log out (Security Center → Device Management).
  3. Check login records for anomalies.
  4. Rebind 2FA.
  5. Enable withdrawal whitelist.
  6. If theft is detected within a short period, instantly freeze the account with one click.

If a Fake App Was Downloaded

  • Uninstall the fake App.
  • Scan the mobile device for Trojans.
  • Restore the mobile device to factory settings (if it cannot be confirmed that the device is clean).
  • Re-login to Binance on a clean device to check assets.

Frequently Asked Questions

Q: Is the first result for "Binance" on Baidu/Google/Bing always a phishing site?

A: Not necessarily, but very often it is. Search ad slots are frequently purchased by phishing sites. The safest practice is to manually type binance.com.

Q: Is the Anti-Phishing Code genuinely effective?

A: Highly effective. This is a feature specifically designed by Binance for anti-phishing. Every authentic email includes this code, and phishers cannot forge it because they do not know what your Anti-Phishing Code is.

Q: Can fake Apps steal my 2FA?

A: Yes. Many fake Apps synchronously intercept 2FA verification codes upon login, and may even capture mnemonic phrases from the clipboard. It is imperative to download only from official channels.

Q: Do I need to worry if I clicked a phishing link but did not enter credentials?

A: Generally, no. As long as no password was entered, no 2FA was provided, and no files were downloaded or executed, the mere act of visiting does not compromise the account. However, clearing browser cookies and cache is recommended as a preventive measure.
