1. What is phishing attack?
Phishing attack is a common way of online scam, which means that someone uses various means to fake a similar URL address and similar webpage contents of a real website, and distribute the fake URL to mass audience via email and various social medias, so as to lead users to click in, and then they will defraud users' bank account, credit card account, password and other personal data, then get users' assets.
2. Common tricks of phishing attack
Email attack: the attacker sends seductive or misleading email to the target user. The e-mail often carries the link of phishing website or the download link of Trojan horse program. If the user does not pay attention to distinguish it, he/she will click the link to enter the phishing website or download the Trojan horse program. Once the Trojan horse program runs, it can monitor the sensitive information entered by the user and get it.
Pharming: the attacker spots the vulnerability of the user's computer system and modify the file about DNS information stored in the user's computer with malicious code, and replaces the website address that the user would visit with the phishing website address. After entering the legitimate website address in the browser, the user will be auto-redirected to the phishing website address. If the user is not aware of this, the attack is successful.
In short, among the common phishing scams in the crypto field, the attackers may fake themselves as platform staff, create phishing websites and publish fake information, claiming "account upgrade", "migration", "refund", "trigger risk control", "capital risk", "account to be closed" and so on through email,SMS and other channels, and induce users to click the phishing website link or scan the phishing QR code. Once the account password and other information is leaked, the assets in the user account will be quickly transferred away.
3. How to prevent phishing attacks
1. Always stay vigilant when you receive:
- Deceptive emails that pretend to be from Tapbit
- Deceptive URLs that pretend to be Tapbit official website
- False information in text messages with suspicious links, which induces you to withdraw funds, verify orders, do video verification and so on to protect your funds from some fabricated risks
- False links being spread on social media
Please do not open suspicious links or articles shared by strangers. In case you clicked malicious links and your account information might be leaked, please visit Tapbit official website immediately and change your login and fund passwords.
Tapbit official website: https://www.tapbit.com
2. When you receive suspicious emails or messages, you should check if the email or the message is legit as soon as possible. There are 2 ways to verify:
① If you receive any suspicious text messages or emails, please check them with our customer service agents online. You can either start a live chat or submit a ticket detailing the matter.
② Verify via the Tapbit Verification Search feature: Log into Tapbit website, scroll down to the bottom, and click "Tapbit Verify". Enter the information you want to verify into the box on the "Tapbit Verify" page.
In order to ensure the safety of Tapbit users' assets, Tapbit hereby reminds all users to remember the URL of Tapbit offical's website. Do not visit suspicious links. Never share your account information, passwords and verification codes with anyone.
Also, Tapbit will never collect assets from users, nor will it provide investment management services. Tapbit customer service agents will never ask users for passwords, verification codes, or double verification codes. Do not trust information from unofficial channels. Be sure to protect your privacy and assets.