Bithumb Launches Anti-Phishing Campaign, Warns of Fake Sites and Spoofed Texts

Bithumb is launching a security campaign to help prevent impersonation phishing attacks targeting users.

The South Korean cryptocurrency exchange said on June 12 that it had released a user protection guide outlining common phishing methods and how to respond, marking its in-house Information Security Day.

Phishing attacks have recently become sophisticated enough to closely resemble legitimate exchanges and financial institutions. Common examples include text messages with spoofed sender names, fake websites mimicking official homepages and emails disguised as security checks.

Bithumb said the most frequently used tactic involves scammers posing as an exchange or financial institution and directing users to fake links by alerting them to issues such as login attempts from overseas IP addresses. Cases are also increasing in which fake websites appear in search engine results or cloned sites are used to steal authentication information.

If users are exposed to such phishing attacks, personal data including account information, two-factor authentication codes, email addresses and mobile phone numbers can be leaked, along with financial and payment information. Reusing the same password across multiple services can lead to additional damage.

Users who click suspicious links or enter personal information should immediately disconnect from the network, change their account passwords, run antivirus scans and update their operating systems and software, the company said.

"Impersonation phishing scams are becoming so sophisticated that they can be difficult to distinguish from the real thing," a Bithumb official said. "The most effective preventive measure is to make a habit of checking the sender's address and the official URL one more time."

The company will continue to strengthen security guidance and protective measures to safeguard users' assets and personal information, the official added.