Fake SMS Scams Target Binance Users with Urgent Hacking Alerts

Fraudsters are sending fake SMS messages pretending to be from Binance, urging users to transfer funds to a fraudulent address under the guise of a supposed hacking threat by the Lazarus group. This was reported by Hong Kong Web3 enthusiast and entrepreneur Joe Zhou.

Zhou received a message that appeared to come from Binance’s usual verification code number, warning him about an attempted login to his account from a device located in North Korea.

He called the provided number and was instructed to create a new wallet using the SafePal service and transfer his funds from Binance, allegedly for the duration of the investigation into the incident.

Following the instructions, Zhou began transferring his assets. During the process, he consulted a friend who works at the exchange and realized he had fallen victim to a scam, with the fraudsters gaining access to his wallet.

Zhou managed to withdraw part of his funds before the scammers realized he was onto them. However, he was short on funds to complete the last transaction; the hackers were able to deposit a small amount of ETH into the wallet and withdraw the remaining tokens.

According to Zhou, his financial losses turned out to be minimal, serving as “just another important lesson.” He reported the fraudulent activity to law enforcement and the exchange’s team.

Several LinkedIn users responded to Zhou, sharing that they had received similar messages. Not everyone received the warning about access attempts from North Korea—one commenter mentioned being alerted about a login from Paris.

In November 2024, fake SMS messages posing as Binance were sent to clients in Europe, with scammers claiming there were security issues and encouraging users to move their funds to a «safe place»—a fraudulent wallet.

It’s worth noting that in 2022, scammers disseminated messages regarding a supposed transaction confirmation that linked to a phishing site aimed at canceling the operation.