Based on recent risk control monitoring, some advertisers, after adding other users as contacts via social media platforms, received malicious files that resulted in computer inflection and financial losses. Our risk control team has handled all affected accounts appropriately after verification and investigation. At the same time, we have individually informed potential victims of the risks involved. To prevent any further incidents, we would like to remind our valued advertisers about the risks associated with providing IM accounts and adding friends from other platforms.
Risk Type 1: Account Theft Through Malicious Files
After placing the order, the criminal will add the advertiser as a contact through the IM information provided the advertiser and then send them various executable files (.exe, .bat, etc.) containing malicious instructions. These instructions will control your computers and phones and steal information such as passwords, chat history, and personal data. Therefore, the criminal can profit by temporarily controlling account permissions or conducting unauthorized logins.
Risk Prevention Suggestions:
- Reject any executable files (.exe, .bat, .com, .vbs, etc.) and request the sender to provide images (.jpg, .jpeg, .png, etc.) or PDF files. (Note: For computer users, please check "File Name Extensions" in "View" under "My Computer" to identify substituted icons or disguised extensions.) If it is necessary to receive the file, ask the sender to provide images (.jpeg, .png, .jpg, .bmp, etc.).
- If you have already received such files, please stop using the affected device for logins. Instead, use another device to change your passwords and run antivirus scanning on the affected device or consider resetting it.
- Disable the automatic download feature of IM, if any.
- We strongly recommend installing antivirus software and refraining from executing files flagged as malware. Commonly used antivirus software includes Norton, McAfee and Symantec.
Risk Type 2: Triangular Fraud
The scammer acts as an intermediary, deceiving both the seller and the buyer. They pose as a buyer who is willing to buy crypto at a high price from the seller while pretending to be a seller offering cheap crypto for the buyer.
The scammer induces the seller to post a designated secret code or account number in the chat box and then persuade the buyer to transfer funds to the scammer's designated account.
1. The scammer communicates with the seller in advance.
2. Then, they persuade the buyer to cancel the order after the payment is made.
3. Finally, they create a new account to place the order again, claiming that the canceled order was placed by the new account. The seller releases the crypto, and the fraud is completed.
Risk Prevention Suggestions:
If someone says they want to buy crypto from you at a high price or sell you crypto at a low price, they are trying to either defraud you or involve you in money laundering activities.
For more details, please see Risk Reminder: Preventing Money Laundering Risks.
In addition, fraudulent transactions targeting advertisers continue to occur. In response, our risk control team has taken ceaseless efforts, enabling us to identify and intercept most incidents in advance. However, a single fraud incident can result in significant financial losses and have a severe impact. To address this, we strongly advise our advertisers to exercise caution when adding the messaging accounts of counterparties, strictly follow trading rules, and maintain a prudent approach toward others' opinions.
Furthermore, we will continue to give full effort to our technological advantages, consistently optimize our risk control system, and develop robust risk control intelligence to offer enhanced user experience and risk control services.