Email Calls on Binance Users to Leave, Possibly Based on Country

Users that have received an email from Binance in some cases come from countries that are not on the Binance SMS list, creating a potential security issue.

Binance users have reported receiving emails urging them to withdraw their funds from the exchange and abandon trading. The emails, initially seen as a potential scam, were confirmed by Reddit users and have been noted by the Twitter crypto community:

A common thread runs through the type of user that reported receiving the email. Binance targets certain countries, based on its user agreement. However, there has been no official message or a list of countries to abandon the exchange.

One of the countries is Iran, which is also on the UN sanctions list for countries:

However, the cases of Belarus and Serbia are different. While the countries are not hostile, they are outside the Euro area. But most importantly, the two countries are not on Binance’s list of countries accessible by SMS. Other countries not reachable by SMS include Liberia and Zimbabwe.

The SMS is important for activating 2FA, an important step for user-side security. The issue is important for Binance, since one of the biggest attacks on the exchange happened in March. Vulnerable accounts without 2FA were hijacked by bots, creating rogue trades. Binance also offers Google Authenticator, but the lack of a chance for SMS 2FA is a serious security risk.

The tightened security arrives a few days after Binance announced it would use the services of Refinitiv to boost its KYC process. 

Binance is yet to issue an official statement on the emails, which have circulated social media, with multiple user reports. Despite the connection to the list of countries, there are even German users who report receiving the email.

While the best guess is a form of security concerns, it is possible the email has another source and another objective.

Binance has been closely watched as one of the most active crypto exchanges. A recent move of nearly $1 billion in stablecoins worried the markets, but it turned out the move was a reorganization of cold wallets.

Reading now