In recent times, the proliferation of sophisticated scamming techniques has led to an increasing number of individuals falling victim to fraudulent schemes. Given the unique nature of cryptocurrencies, the loss of assets due to deception is often difficult to trace. Hence, users should remain vigilant at all times to safeguard their assets. The following article will detail how users can discern whether their emails or messages originate from our official platform, as well as common fraudulent tactics currently in use.
Prevention Tips
-
Check the Sender's Email Address
Verify the sender's email address against known legitimate Bybit email addresses by looking for any inconsistencies or suspicious elements in the email address.
You can easily check whether the sender’s address is from Bybit by using our Authenticity Checker to verify the authenticity of the sender’s address. This function can be accessed easily on the website by going to the main Bybit menu or scrolling down to the bottom of the webpage.
On the app, you can access the page by clicking on the live chat icon and scrolling to the right in order to see the Authenticity Check icon.
Important:
Please note that the sender's address in emails can be easily forged. Therefore, even if the Authenticity Checker displays that the verification result is official, it does not necessarily mean that the email you received was truly sent from Bybit's official mailbox. Please exercise caution and discernment!
If you think you might have encountered a scam or a phishing attack by someone impersonating Bybit representatives on any website, email, social media, or messaging app, please report it directly on the Authenticity Checker page and the security team will review and handle it regularly.
-
Remain Vigilant Regarding the Content of Emails
a. Bybit (or even our Customer Support) will never ask you to transfer assets to an unknown deposit address or ask for your wallet recovery phrase. As mentioned above, even if the verification result is official, the sender’s email can be easily forged using spoofing techniques. Below is a typical example demonstrating how scammers conceal and forge sender email addresses, to solicit assets from Bybit users.
b. Whenever you receive an email requesting your personal information, password, or assets, you should maintain a skeptical attitude at all times and verify with Bybit’s official Customer Support by providing the .eml format file of the email. To retrieve it, please click on the Ellipsis (three dots) at the top right corner of your email, then select Download Message to obtain the .eml file for our Customer Support to review.
c. Never click on any suspicious links.
3. Verify the Anti-Phishing Code
a. Ensure that the anti-phishing code on the email is present and matches your unique code.
b. The absence or mismatch of the anti-phishing code is an indicator of a suspicious email.
Important:
You are strongly encouraged to enable the Anti-Phishing Code function. If you have not set up your Anti-Phishing Code, please go to your Account & Security page for the Anti-Phishing Code setting. For more information, please refer to How to Enhance the Security of Your Account.
Types of Cryptocurrency Scams
Scenario 1: Fake Bybit Website or Scam App with Fake Bybit Support
Scenario 2: Impersonating Bybit Official Staff to Contact Users
-
Individuals who are not official Bybit staff but act as Customer Support to contact users via social media such as Telegram, WhatsApp, X (formerly Twitter), or more.
Scenario 3: Fake Airdrop or Rewards
-
The common tactic is to persuade users to transfer a certain amount to an unknown deposit address to claim an airdrop or reward.
Scenario 4: Impersonating Bybit Social Media Account
-
Always look for verification badges, review profile details, and compare with the official website.
Fake Account |
Official Account |
Scenario 5: Ask Users to Transfer Funds to Fake Bybit Wallet Address
-
This scam involves scammers deceiving users by claiming that Bybit is currently collaborating with certain token projects' developers to test the performance of the blockchain.
-
The scammers then provide detailed instructions on how users can deposit funds into their Bybit accounts, appearing helpful to lower users' guards.
-
Subsequently, they provide a withdrawal address bearing the Bybit name, falsely posing as an official address. Users are instructed to withdraw funds to this address under the guise of assisting with testing, promising a reward of X% of the withdrawn amount.
-
Initially, the scammers transfer rewards to users to lure them further. However, as the amount involved grows, the scammers disappear with the users' assets, leaving them unable to retrieve their funds.
Important:
As we have always emphasized, Bybit will never ask you to withdraw to unknown wallet addresses. It's a cautionary tale to always be wary of offers that seem too good to be true and to double-check before sending money anywhere.
In conclusion, staying vigilant and cautious when dealing with emails and online communications is essential in protecting oneself from falling victim to spoofing and phishing scams. By remaining aware of common tactics used by scammers and exercising diligence in verifying the authenticity of communications, you can better safeguard your assets and personal information in the crypto realm. To learn more about how to enhance the security of your account, please refer to here.
Read More
Top 19 Crypto Scams in 2024: How to Avoid Them
Crypto Scam Recovery: Can You Recover Funds After a Scam?