How to Tell If Your Account Has Been Compromised

Several signs indicate your Binance account may be under someone else's control: receiving login notification emails you didn't trigger, unexplained balance decreases, unfamiliar transaction records, or password change emails you didn't initiate. If any of these occur, take action immediately. Start by confirming your account status through the Binance registration official page, and make sure you have the latest Binance APP on your phone for quick access.

Four Emergency Steps

Time is money — act on the following steps as quickly as possible after detecting anomalies.

Step 1: Freeze Your Account Immediately

This is the most critical step. Once frozen, all trades and withdrawals are suspended.

How to do it:

• APP: Profile → Security → Account Management → Disable Account
• Web: Log in → click avatar → Security → Disable Account
• If you've been logged out, initiate a freeze through the "Security Verification" channel on the login page

Step 2: Change Your Password

If you can still log in, change your password immediately. Your new password should:

• Be at least 12 characters long
• Mix uppercase and lowercase letters, numbers, and symbols
• Not be reused from any other platform

Step 3: Remove All Logged-In Devices

In Security Settings under "Device Management," remove all devices. This forces all sessions to log out, including the attacker's.

Step 4: Check and Delete API Keys

Go to the API Management page. If you find any API keys you didn't create, delete them immediately. Attackers frequently use API keys to remotely control accounts.

Figuring Out How You Were Compromised

After the emergency response, calmly investigate the cause to prevent it from happening again.

Phishing Attacks

This is the most common method of intrusion. Attackers send fake Binance emails to lure you into entering login credentials on counterfeit websites.

How to check:

• Review recent "Binance" emails and verify sender addresses
• Check browser history for misspelled Binance domains
• Recall whether you entered your password on any "promotional" pages

Mobile Malware

Your phone may have been infected with password-logging malware.

How to check:

• Review recently installed apps for suspicious items
• Run a full security scan
• Check if any unknown apps have accessibility permissions

Password Leaks

The same password you use on other platforms may have been exposed in a data breach.

How to check:

• Visit haveibeenpwned.com to see if your email is in a breach database
• If so, change passwords on all platforms where you used the same one

Social Engineering

Someone impersonating a friend, customer support, or official representative tricked you into sharing verification codes or login details.

How to Properly Contact Binance Support

Submit a Security Ticket

1. Access the Binance Help Center through official channels
2. Select "Account Security Issue"
3. Provide the following:
   • Exact time of the incident
   • Screenshots or descriptions of suspicious activity
   • Your registered email and phone number
   • Suspected cause of the breach
4. Keep your email accessible while waiting for a reply

What Support Can Do

• Freeze and restore accounts
• Track fund movements within the platform
• Cooperate with law enforcement investigations
• Assist with fund recovery when conditions are met

Comprehensive Security Hardening After Recovery

Enable Anti-Phishing Code

This is the most effective defense against phishing. Set a code that only you know — all legitimate Binance emails will include this code. Emails without it are fake.

Enable Hardware Security Keys

Hardware keys like YubiKey can prevent most remote attacks. Even if an attacker has your password and verification code, they cannot log in without the physical key.

Enable Withdrawal Whitelist

Turn on the withdrawal address whitelist in the Binance APP security settings. Only pre-approved addresses can receive withdrawals. New whitelist addresses have a 24-hour cooldown period.

Regular Security Audits

• Check login records weekly
• Review API keys monthly
• Change passwords quarterly

Security Reminders

• Binance support will never ask for your password, verification codes, or PIN
• Don't click "Binance" ad links in search engines — they may be phishing sites
• Use a dedicated email for your Binance account separate from your daily social email
• Consider distributing large holdings across multiple platforms

FAQ

Can stolen cryptocurrency be recovered?

If funds are still within Binance (transferred to another Binance user), recovery chances are relatively high. If withdrawn to an external address, recovery is very difficult, but you should still file a police report for law enforcement involvement.

How long does it take to restore a frozen account?

Simple cases typically take 1-3 days. Complex cases involving fund losses may require longer investigation time.

Do I need to redo KYC verification?

Generally no. During account recovery, you may need to submit ID documents for identity verification, but this is identity confirmation, not a new KYC process.

Should I close the old account and register a new one after being hacked?

Not recommended. Your old account has complete transaction records and KYC information. Just strengthen security and continue using it. Binance only allows one verified account per identity.

Is it useful to file a police report?

Yes, especially for significant amounts. A police report is an important document for pursuing claims and may help law enforcement dismantle criminal networks.