Tips to Avoid Phishing Scams
05 May 2020, by Bittrex Team
Here at Bittrex, we’re pretty big fans of the customer interaction and insights we can gain on social media channels, particularly Twitter.
We know Twitter is where our customers tend to have the most robust discussions about our platform and listings. And, it’s where some customers reach out to us with support questions.
So, we take it pretty seriously when we see other Twitter users trying to impersonate us or attempting to scam you out of your digital assets. And unfortunately, we see a lot of these attempts. Of course, we’re not the only ones dealing with this problem. Plenty of companies in the blockchain space have been targeted by impostors and phishing scams, along with tons of other businesses that aren’t in our industry.
When we see one of these impostor accounts pop up, we quickly contact Twitter and request that it get taken down. Sadly, this is an issue that is beyond our control once we notify Twitter. It can sometimes take several attempts, and even a few days, before these impersonation accounts are removed.
Now that you have that background, let’s focus on how you can protect yourself from phishing scams.
Below, we’ve provided a few helpful tips for identifying and avoiding phishing scams and fake offers you may see when you’re following announcements from Bittrex on Twitter.
We do not offer or participate in token giveaways on social media.
Additionally, we definitely don’t ask people to send us tokens or fractions of tokens in exchange for larger token sums. If you see an offer like this that-at first glance-appears to be from us, it’s not. Don’t fall for it. That said, we see a lot of inventive ways that Twitter users attempt to impersonate Bittrex, but the most common are:
- Using our logo and replying to one of our tweets, even though the scammer’s Twitter handle is not even close to our verified account name: @BittrexExchange.
- An example of a phishing scam is included below. Note how the user copies our logo and replied to our Tweet, but the handle/account name is not ours. (We’ve marked out part of the handle name.)
- Creating a Twitter handle that is a misspelled version of the Bittrex handle, using our logo, and replying to an actual @BittrexExchange handle Tweet.
- Some of the misspellings we’ve seen include @BittrexExhange, @BittrexEchamge_, and @BlttrexExshahge. (All of those accounts have been suspended after being flagged by us.)
- Hacking another verified user’s account, stealing the Bittrex logo, and replying to one of the verified @BittrexExchange handle’s Tweets. Then, the fraudster writes the Tweet as if it’s Bittrex offering the giveaway or coin promotion, but of course, it’s not. Unfortunately, since people see the verified symbol, they don’t closely look at the name, and it seems more people tend to fall for this scam simply because of the verified symbol.
So, if you’re uncertain whether a Tweet is from us or not, the best way to make sure is to:
- Carefully check the Twitter handle to make sure it’s the correct spelling of @BittrexExchange.
- Check to see that it’s the verified account of @BittrexExchange and NOT the verified account of someone else.
- Look to see whether the Tweet is a reply to the verified @BittrexExchange handle, and if it is, go through steps 1 and 2 again.
Just so you know, Bittrex also owns other Twitter handles that we don’t use very much at this time: @BittrexSupport.
We may decide to use them more in the future, but if and when we do, we’ll endeavor to get them verified first to add an extra layer of trust. We’ll also communicate to customers, both through our support site and @BittrexExchange Twitter handle, if we decide to use those accounts frequently.
Finally, fraudsters occasionally attempt to impersonate our executives, spoofing their personal Twitter handles. They try to scam people with the same fake offers we see directed at our main Twitter handle.
Please don’t get fooled by any of these. The guidelines above apply to our company accounts and our executives’ personal accounts as well.
We realize that FOMO makes people want to act quickly when a deal seems too good to be true. But it’s always worth it to take the extra step and check that the Twitter user is who they say they are to help protect yourself and your digital assets.