1. What is phishing?
The phishing attack is a criminal cheating process by getting sensitive information like username, password, fund, and ID by means of disguising others. These messages claim that they are from an official or internet administrator to get trust from the victim.
2. The ways that phishing spread
(1) Through virus
Criminals clone a total same website like BKEX, and send the fake website address to users’ computers with some virus programs and rubbish software, or put the address on search website to cheat users to log on to get users’ username, password, trade information or assets.
(2) Through SMS
Criminals send cheating SMS messages to users, claiming that users won a prize or their accounts are stolen, asking users to log on the website whose address is in the message to verify his or her identity, and the website is launched by criminals, which is a fake one just to get users’ information. If users log in the website and operate, then users’information like username, the password will be known by the criminals.
(3) Setting up a fake website
Criminals launched a fake website, and then post fake activity information on social media like QQ and Wechat, this activity makes an empty promise when users log on the fake website, their usernames and passwords will be known by the criminals.
(4) Through fake official mailbox
Criminals send lots of cheating mails to cheat the users to log in the fake website, these emails ask the receivers to click the links in the mail to log in a website which is like BKEX with reasons like winning prizes or system update and so on, once users type in their usernames and passwords on the specified page, the information will be stolen.
(5) Through community send link to cheat users to log in the fake website
3. To prevent phishing
- Use Relatively safe browser like Chrome and update to the latest version;
Note: Chrome is a Google product, its good safety performance is well known to all, updating to the latest version is because that the low version one has lots of loopholes, like Punycode phishing attack link: https://blog.csdn.net/qq_27446553/article/details/70255763
- Do not install browser plug-in;
Note: Browser plug-in has very high authority, and there is a risk of hacking, like the Chrome User-Agent Switcher back door incident
- Never open a suspected link, never type your BKEX username, password and personal information on an unknown website, in case phishing websites or Trojans stole the information.
- Install an anti-virus program, kill the virus on your computer and cellphone periodically;
- Update system patch on time;
Never send the verification code that official send to you to others;
When you are logging on BKEX or trading, please make sure that if the domain name belongs to BKEX, if you are not sure about it, you may ask the customer service for help.