Redirected from a real exchange site to a fraudulent site?

0

I was attempting to reset my authenticator through the real binance site and somehow I got redirected to binancezh.cc which was immediately alarming to me when I noticed; however, upon further investigation, one of the links that led to binancezh.cc was in an automated email sent from binance.com.

How could I have been redirected to a fraudulent site from an interaction that I initiated on the real site?


Edit: It appears that the site is somehow legit but not intended for public use https://www.reddit.com/r/binance/comments/krt1he/binancezhcc/gif9ca0?utm_source=share&utm_medium=web2x&context=3

Jordan

Posted 2021-01-07T05:02:36.693

Reputation: 101

1How did you verify that the email was authentic and the sender address not just spoofed? Did you check DMARC, DKIM? – Murch – 2021-01-07T05:33:14.493

I didn't, I will check that – Jordan – 2021-01-07T15:06:41.903

@Murch, I have validated the DKIM – Jordan – 2021-01-07T15:46:54.663

Answers

1

If it's a fraud, how could they have sent a fraudulent link through a real binance email address?

It has long been trivial to forge the "from" address in Internet e-mail. You could learn how to do it in about thirty seconds.

See https://en.wikipedia.org/wiki/Email_spoofing

The core email protocols do not have any mechanism for authentication, making it common for spam and phishing emails to use such spoofing to mislead or even prank the recipient about the origin of the message.

The link above goes on to describe countermeasures - but note these are not universally applied.

RedGrittyBrick

Posted 2021-01-07T05:02:36.693

Reputation: 9 949

Even still, I initiated the email flow from the real Binance site – Jordan – 2021-01-07T15:07:09.643

1

It looks fraudulent to me, because of the domain. The .cc extension is for the Cocos Islands, and Binance would not use it. They usually tell you to carefully check you are using the right domain. An e-mail can easily be made to look from the right party when it's not.

I would speak to Binance support. Their correct domain is:

https://www.binance.com/

Atrix

Posted 2021-01-07T05:02:36.693

Reputation: 141

I've opened a ticket with Binance, thanks – Jordan – 2021-01-07T15:34:49.900

0

I checked with Binance support, and they gave me a tool they have to check if a site is official. According to this, the site is official. I am guessing they have this site because they operate a decentralised business structure, hence the .cc domain for the Cocos Islands, an Australian territory.

Atrix

Posted 2021-01-07T05:02:36.693

Reputation: 141