SMS scammers posing as Binance have an even trickier way to fool victims

The Australian Federal Police (AFP) have issued warnings to over 130 individuals regarding a sophisticated text message scam targeting cryptocurrency users. The scheme mirrors legitimate communications from recognized exchanges such as Binance, leveraging a “sender ID” that can easily mislead recipients.

In a statement released on March 21, the AFP detailed the mechanics of this impersonation scam. Scam texts are sent via traditional SMS and encrypted messaging apps, with fraudsters posing as representatives from Binance. Victims receive alarming messages that claim their crypto accounts have been compromised, urging them to quickly create new wallets to secure their assets. These messages are designed to blend seamlessly into existing conversations, making them seem authentic.

The AFP highlighted that the scam often employs fake verification codes and a technique known as ‘spoofing,’ allowing the messages to appear alongside genuine communications from Binance. In addition, the scammers provide a support phone number, leading victims to further compromise their security by transferring their assets to a fraudulent “trust wallet” controlled by the criminals.

The sender ID feature of online messaging services poses a significant vulnerability, allowing for easy manipulation of identities. When received, these messages are grouped by their ID, creating the illusion of legitimacy through association with legitimate threads. As noted in a 2019 report by the Australian Broadcasting Corporation, such exploitation of text messaging systems is alarmingly simplistic, allowing scammers to craft effective deceptions.

To combat the rising tide of these scams, the AFP has proactively contacted the identified victims, outlining steps to mitigate potential losses. Commander Graeme Marshall of the AFP’s Cybercrime Operations division emphasized the rapid movements of funds once transferred, complicating recovery efforts as stolen assets swiftly circulate through a series of wallets.

This alert coincides with similar incidents where users of other prominent platforms, such as Coinbase and Gemini, were targeted through fraudulent emails purporting to assist with account security, further illustrating the pervasive nature of phishing attempts in the crypto realm.

The AFP has outlined several warning signs for this type of scam, including unsolicited messages from supposed Binance representatives regarding account security, urgent calls to action, and requests for seed phrases. Binance’s Chief Security Officer, Jimmy Su, pointed out the prevalent issue of scammers impersonating trusted platforms, exploiting telecom loopholes to manipulate sender information. Su advises users to always verify the authenticity of channels through official resources.

In response to the alarming frequency of such scams, the Australian government has proposed an SMS Sender ID Register set to be launched in late 2025. This initiative aims to enforce an industry standard requiring telecom companies to validate whether messages sent under a brand name correspond with registered legitimate senders.

Meanwhile, the financial toll on Australians due to investment scams is staggering. The AFP’s report from August indicated that approximately AUD 382 million (USD 269 million) was lost to various scams in the preceding year, nearly half of which were crypto-related.

As scams become increasingly sophisticated and prevalent, education and proactive measures are essential to safeguard the crypto community from such malicious intentions.