How to Tell If Your Account Has Been Compromised
Several signs indicate your Binance account may be under someone else's control: receiving login notification emails you didn't trigger, unexplained balance decreases, unfamiliar transaction records, or password change emails you didn't initiate. If any of these occur, take action immediately. Start by confirming your account status through the official Binance registration page, and make sure you have the latest Binance app on your phone for quick access.
Four Emergency Steps
Time is money — act on the following steps as quickly as possible after detecting anomalies.
Step 1: Freeze Your Account Immediately
This is the most critical step. Once frozen, all trades and withdrawals are suspended.
How to do it:
- App: Profile → Security → Account Management → Disable Account
- Web: Log in → click avatar → Security → Disable Account
- If you've been logged out, initiate a freeze through the "Security Verification" channel on the login page
Step 2: Change Your Password
If you can still log in, change your password immediately. Your new password should:
- Be at least 12 characters long
- Mix uppercase and lowercase letters, numbers, and symbols
- Not be reused from any other platform
Step 3: Remove All Logged-In Devices
In Security Settings under "Device Management," remove all devices. This forces all sessions to log out, including the attacker's.
Step 4: Check and Delete API Keys
Go to the API Management page. If you find any API keys you didn't create, delete them immediately. Attackers frequently use API keys to remotely control accounts.
Figuring Out How You Were Compromised
After the emergency response, calmly investigate the cause to prevent it from happening again.
Phishing Attacks
This is the most common method of intrusion. Attackers send fake Binance emails to lure you into entering login credentials on counterfeit websites.
How to check:
- Review recent "Binance" emails and verify sender addresses
- Check browser history for misspelled Binance domains
- Recall whether you entered your password on any "promotional" pages
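The first two checks above can be run over an exported browser history and a list of e-mail sender addresses. The following is an added example, not part of the original guide: it assumes `binance.com` is the only domain you treat as genuine, and every `.example` host in the sample is constructed.

```python
from urllib.parse import urlsplit

OFFICIAL = ("binance.com",)   # assumption: domains you treat as genuine
BENIGN = {"finance", "finances", "balance"}  # assumption: real words near the brand
BRAND = "binance"

def edit_distance(a, b):  # Levenshtein distance
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host_of(item):  # host of a URL, or of an e-mail sender address
    host = urlsplit(item).hostname if "://" in item else item.rsplit("@", 1)[-1].strip("<> ")
    host = (host or "").lower().rstrip(".")
    try:  # decode punycode (xn--) so the host reads as it was displayed
        return host.encode("ascii").decode("idna")
    except UnicodeError:
        return host

def classify(item):
    host = host_of(item)
    if any(host == d or host.endswith("." + d) for d in OFFICIAL):
        return "official"
    if BRAND in host:
        return "lookalike: brand name on an unofficial domain"
    for label in host.split("."):
        if label not in BENIGN and edit_distance(label, BRAND) <= 2:
            return "lookalike: misspelling of the brand"
    return "unrelated"

def scan(items):  # keep only the entries that need a closer look
    return [(i, classify(i)) for i in items if classify(i).startswith("lookalike")]

# Constructed sample of history URLs and e-mail senders (not real indicators).
SAMPLE = [
    "https://www.binance.com/en/my/security",
    "https://accounts.blnance.example/login",
    "https://binance.com.verify-session.example/",
    "https://bin\u0430nce.example/promo",  # Cyrillic 'а' in place of Latin 'a'
    "Binance <no-reply@binance-alerts.example>",
    "https://finance.example/markets",
]

if __name__ == "__main__":
    print(*scan(SAMPLE), sep="\n")
```

A hit means "review this entry by hand", not proof of phishing; add any other domains you know to be genuine to `OFFICIAL` before relying on the output.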
Mobile Malware
Your phone may have been infected with password-logging malware.
How to check:
- Review recently installed apps for suspicious items
- Run a full security scan
- Check if any unknown apps have accessibility permissions
Password Leaks
The same password you use on other platforms may have been exposed in a data breach.
How to check:
- Visit haveibeenpwned.com to see if your email is in a breach database
- If so, change passwords on all platforms where you used the same one
Social Engineering
Someone impersonating a friend, customer support, or official representative tricked you into sharing verification codes or login details.
How to Properly Contact Binance Support
Submit a Security Ticket
- Access the Binance Help Center through official channels
- Select "Account Security Issue"
- Provide the following:
  - Exact time of the incident
  - Screenshots or descriptions of suspicious activity
  - Your registered email and phone number
  - Suspected cause of the breach
- Keep your email accessible while waiting for a reply
What Support Can Do
- Freeze and restore accounts
- Track fund movements within the platform
- Cooperate with law enforcement investigations
- Assist with fund recovery when conditions are met
Comprehensive Security Hardening After Recovery
Enable Anti-Phishing Code
This is the most effective defense against phishing. Set a code that only you know — all legitimate Binance emails will include this code. Emails without it are fake.
Enable Hardware Security Keys
Hardware keys like YubiKey can prevent most remote attacks. Even if an attacker has your password and verification code, they cannot log in without the physical key.
Enable Withdrawal Whitelist
Turn on the withdrawal address whitelist in the Binance app security settings. Only pre-approved addresses can receive withdrawals. New whitelist addresses have a 24-hour cooldown period.
Regular Security Audits
- Check login records weekly
- Review API keys monthly
- Change passwords quarterly
Security Reminders
- Binance support will never ask for your password, verification codes, or PIN
- Don't click "Binance" ad links in search engines — they may be phishing sites
- Use a dedicated email for your Binance account separate from your daily social email
- Consider distributing large holdings across multiple platforms
FAQ
Can stolen cryptocurrency be recovered?
If funds are still within Binance (transferred to another Binance user), recovery chances are relatively high. If withdrawn to an external address, recovery is very difficult, but you should still file a police report for law enforcement involvement.
How long does it take to restore a frozen account?
Simple cases typically take 1-3 days. Complex cases involving fund losses may require longer investigation time.
Do I need to redo KYC verification?
Generally no. During account recovery, you may need to submit ID documents for identity verification, but this is identity confirmation, not a new KYC process.
Should I close the old account and register a new one after being hacked?
Not recommended. Your old account has complete transaction records and KYC information. Just strengthen security and continue using it. Binance only allows one verified account per identity.
Is it useful to file a police report?
Yes, especially for significant amounts. A police report is an important document for pursuing claims and may help law enforcement dismantle criminal networks.