Binance Warns of API Scam via Fake Support Calls

Binance has issued an alert about a rising API scam in which fraudsters place fake support calls to trick users into changing their API settings. Victims unknowingly hand over access keys, allowing attackers to drain funds directly. This social engineering scheme combines SMS phishing, spoofed phone numbers and malicious QR codes. In February, Binance also warned of increased SMS phishing attacks and rolled out new verification tools. Recent high-profile losses include 783 BTC (about $91 million) stolen and an Aave (AAVE) exploit via malicious Google Ads. Binance emphasizes it will never ask for passwords or credentials by phone. Traders are advised to rely solely on official channels, enable two-factor authentication, passkeys and enhanced API security, and report any suspicious calls immediately.