What to Do If a Fake Binance Customer Support Adds You on WeChat? Full Social Engineering Attack Process

Social engineering attacks are the hardest to defend against — the attacker plays an authority figure and convinces you to hand over your info willingly. This article exposes common scripts. Download links: Binance website, mobile Binance official app, if you don't have the iOS app installed see the iOS install guide.

I. Basic Rules of Social Engineering Attacks

Binance officials will never:

1. Proactively add you on WeChat, QQ, Telegram, or WhatsApp
2. Ask you to provide your password / 2FA / seed phrase
3. Ask you to transfer funds to any address
4. Ask you to install a "customer service designated" APP or configuration profile
5. Ask you to turn on screen sharing so they can guide you

If any of these happen, it equals 100% phishing.

II. Common Social Engineering Scripts

Script 1: "Your account is abnormal and needs an emergency transfer"

They tell you to transfer your funds to a "safe address" they provide.

Script 2: "I am a Binance security officer, helping you recover your account"

They ask you to provide your password and 2FA "for resetting purposes".

Script 3: "You've participated in an airdrop event, enter your information to claim it"

They make you click a link to a phishing site.

Script 4: "Your account is frozen, pay a deposit to unfreeze it"

Directly scamming you for money.

Script 5: "Screen sharing for operational guidance"

They trick you into sharing your screen so they can read your passwords and verification codes.

III. Several Psychological Traps in Social Engineering

1. Authority

Impersonating "customer service", "security officers", or "project teams".

2. Urgency

"If you don't resolve this within 24 hours, your account will be frozen."

3. Reciprocity

"I helped you look up leaked information, you need to pay a small tip."

4. Scarcity

"Exclusive access limited to 100 VIP users."

5. Forged Evidence

Sending screenshots of "employee badges" or "official documents".

Once you are aware of these routines, you can instantly remain alert when encountering them.

IV. Methods to Distinguish Real and Fake Customer Service

Real customer service only exists in:

1. Replies after submitting a ticket in the Binance Help Center
2. The built-in chat within the Binance APP

Real customer service will never:

1. Proactively contact you
2. Communicate using other channels outside of support tickets
3. Ask you to pay them
4. Ask you to make a transfer for verification

If you want to contact customer service, do it proactively:

• Log in to binance.com → Help Center → Submit a ticket
• Customer service replies will remain within the Help Center

V. Response Template

When receiving messages from unfamiliar "customer service":

1. Do not reply with any sensitive information
2. If you suspect account issues, proactively log in to binance.com and submit a ticket to verify
3. Take screenshots to keep evidence
4. Block the sender
5. Report to the police if necessary (in cases where funds have already been lost)

VI. Family Social Engineering

Family members, especially the elderly, are vulnerable to social engineering attacks. Teach them:

• "A stranger adding you claiming to be Binance customer service" = Fake
• "High returns on XX investment" = Fake
• "Helping you recover your account" = Fake

They don't need to understand the technology; just remembering "proactive contacts are always fake" is enough.

VII. Emergency Response After a Successful Social Engineering Attack

If you have already:

• Added them on WeChat
• Shown them your password or 2FA
• Shared your screen with them

Immediately:

1. Disconnect all sharing
2. Log in to binance.com on a clean device
3. Change your password + reset 2FA + delete APIs + revoke all sessions
4. Freeze your account (if you find it has already been compromised)
5. Submit a ticket to real customer service stating "attacked by social engineering"
6. Call the police

VIII. Binance's Official Anti-Social Engineering Protections

1. Anti-Phishing Code

Ensures all genuine emails can be identified.

2. 24-Hour Lock

Prevents attackers from withdrawing funds immediately after password changes.

3. Device Login Alerts

Pushes emails/notifications immediately upon abnormal logins.

4. API Limits

API withdrawals are turned off by default and require manual activation.

If you configure all these correctly, the cost of a social engineering attack becomes extremely high, and most attackers will give up.

FAQ

Q1: Can I recover my funds if I get scammed by social engineering? Binance can trace the TXID on-chain, and there is a chance of recovery if you cooperate with the police. However, the earlier you act, the better.

Q2: How can I identify KOLs who claim to be "official"? Binance does not have official KOLs. All "Binance promoters" are users, not official representatives.

Q3: Can I completely block strangers from adding me as a friend? WeChat and Telegram have settings that "strangers cannot add me". Turn them on.

Q4: Is it useful to call the police? Yes. Providing the TXID and chat logs helps with criminal investigation.

Extended Reading

• Can a stolen Binance account still be recovered?
• What do fake Binance customer service emails look like? 4 features to spot them instantly
• Why is it absolutely necessary to set an anti-phishing code?