Many people skip the anti-phishing code after signing up for Binance, thinking it's unnecessary. In reality, phishing emails are one of the most common ways crypto users get their accounts compromised. Setting up an anti-phishing code takes just a minute but can help you dodge a major category of scams.
If you don't have a Binance account yet, sign up for Binance to create one. After signing up, it's recommended to immediately set up the anti-phishing code along with other security options. Download the Binance app for easy setup on your phone.
What Is an Anti-Phishing Code
The anti-phishing code is a personalized passphrase you set yourself (4–20 characters). Once set, every official email from Binance will include this passphrase. If you receive an email claiming to be from Binance but it doesn't contain your anti-phishing code, it's fake.
Scammers can spoof Binance email addresses and mimic Binance email templates, but they can never know what anti-phishing code you've set. That's why this feature is so effective.
How to Set It Up
Open the Binance app, go to "Profile" → "Security" → "Anti-Phishing Code." Tap to enable and enter a word or phrase that's easy for you to remember but hard for others to guess — such as a nickname only you know, or an abbreviation of a special phrase.
Once set, starting from the next email you receive from Binance, the email body will display your anti-phishing code. Every time you get a Binance email, check the anti-phishing code first before deciding whether to click any links.
Common Phishing Email Tactics
Phishing emails typically disguise themselves as official Binance notifications with content like "Your account has a security risk — please verify immediately" or "You have an unclaimed reward." The email includes a link that leads to a fake Binance login page. If you enter your credentials there, the scammers win.
Some phishing emails are extremely convincing, and the sender address may even look like an official Binance address. Without an anti-phishing code, it's very hard for average users to tell real from fake.
What Else Can You Do to Stay Safe
First, never log in to Binance by clicking links in emails. Build the habit of manually typing the URL or logging in directly through the app.
Second, verify the URL is correct. Binance's official domain is binance.com. Watch for extra letters or spelling variations like "blnance" or "binannce."
Third, enable Google Authenticator. Even if your password is phished, without the verification code, scammers cannot log in.
Fourth, never trust any "Binance support" that contacts you first. Binance will never reach out to you through private messages, WeChat groups, or Telegram.
Can You Change the Anti-Phishing Code
Yes. You can change it anytime in your security settings. It's recommended to update it every few months. After changing it, new emails will display the new code, and the old one becomes invalid.
Setting up an anti-phishing code is a zero-cost, high-return security measure — there's no reason not to do it. Spend one minute setting it up, and you'll have long-term protection for your account.