Essential Guide to Preventing New Scams and Protecting Your Funds

In recent times, malicious actors have continued to impersonate official staff from various platforms, including OKX, spreading false promotional activities through channels like Twitter, Telegram, WeChat, and other instant messaging apps. Their goal is to trick users into scanning QR codes or logging into phishing websites to steal personal information and assets.

This article outlines common scam tactics and provides crucial safety tips to help you enhance your awareness and safeguard your funds.

Common Scam Techniques and How to Avoid Them

Fake Giveaways and Promotions

Scammers often pose as official representatives, posting fake announcements about events such as "exclusive token airdrops." They lure users to unauthorized websites or encourage participation in fraudulent investment schemes to harvest login credentials and steal digital assets. Another method involves promoting "recharge rewards" or other fake incentives, persuading users to transfer funds to designated addresses, resulting in financial loss.

Key red flags:

• Unsolicited messages about limited-time offers
• Requests to log in via unofficial links
• Promises of high returns with little or no risk

Off-Platform Trading Scams

1. Fake OTC Offers: Fraudsters contact users on social media, offering to buy or sell digital assets like USDT at unusually favorable rates. They may build trust through small initial trades but later refuse payment, provide counterfeit currency, or disappear after receiving funds.
2. Bait-and-Switch with Gift Cards: Scammers advertise discounted virtual gift cards (e.g., phone or gas cards). After a few successful small transactions, they push for a large deal, then block the user after receiving payment.
3. Impersonating Customer Support: After a user cancels a fiat trade order, fraudsters pose as customer support via in-app chat, claiming to "resolve" the issue by guiding users to conduct off-platform transactions or authorize unsafe transfers.

👉 Learn secure trading practices

Investment and Romance Scams

1. Fake Relationships and Profiles: Scammers create fake identities on dating or social platforms, gaining trust before promoting fraudulent investment schemes. Victims are led to platforms where withdrawals are blocked.
2. False Collaboration Claims: Impersonating OKX partners, these actors invite users into groups on WhatsApp, Telegram, or QQ, promoting "arbitrage opportunities," "high-yield returns," or "automated trading" to lure investments—only to disappear with the funds.
3. Smart Contract Deception: Users are persuaded to transfer ETH to unknown wallets with promises of receiving OKB or other returns. The transferred assets are fake, and any attempt to withdraw results in permanent loss.
4. Fake Web3 Activities: Scammers share links to fake reward programs, tricking users into exposing private keys or granting transaction approvals, leading to wallet drainage.
5. Fake Mining Pools: Early small rewards encourage users to invest more or refer friends. Eventually, the scammer manipulates the contract to withdraw all funds.

Impersonating Official Staff

1. Fake Officials and Authority Figures: Posing as customer support or even law enforcement, scammers contact users via phone or social accounts, claiming account risks or mandatory security checks. They steal account details or convince users to transfer assets.
2. Screen Sharing Scams: Users are tricked into downloading remote meeting apps. The scammer then uses screen sharing to steal private keys or security codes during "guided" sessions.
3. Phishing via In-App Chat: Fraudsters send phishing links through impersonated official chats, then use voice or text instructions to extract login credentials and verification codes.

Phishing Websites and Links

Scammers send emails or SMS messages pretending to be from OKX, alerting users to "account upgrades," "migration," "risk control triggers," or "IP changes." These messages include links to fake websites that capture login credentials and two-factor codes when entered.

Proactive Safety Measures

Keep Personal Information Secure

• Never share wallet passwords, private keys, seed phrases, or Keystore files.
• Always verify website authenticity before approving any transaction or authorization.
• Regularly review and revoke wallet permissions for unfamiliar dApps.
• Official staff will never ask for security codes or passwords. Avoid sharing screens or sending screenshots containing sensitive data.

Verify Official Platforms

• Only trust announcements made through the official OKX website. Avoid accessing the site via search engines; manually type the URL: www.okx.com.
• OKX does not have a "Security Center." Beware of links claiming otherwise.
• Enable anti-phishing codes in your account settings. OKX includes this code in genuine emails, helping you identify phishing attempts.
• Use DNS checks to confirm website authenticity—this ensures you are not directed to fake clones.

Don’t Trust Unverified "Official" Communications

• Confirm any unusual activity or offer via the official OKX announcement page.
• OKX will never ask you to transfer funds, make trades, or share security details.
• Verify suspicious contacts through the official verification channel.
• Look for the blue official badge in OKX in-app chats—unverified accounts lack this designation.

Avoid Too-Good-To-Be-True Offers

• Be skeptical of promises of high returns, expert trading advice, or guaranteed profits.
• Do not click links or download files from unsolicited messages.
• Avoid off-platform trades involving digital assets or gift cards.
• If scammed, preserve all chat and transaction records and report to local authorities immediately.

Frequently Asked Questions

What should I do if I accidentally shared my private key?
Immediately transfer your funds to a new secure wallet. The compromised key should never be reused, as it poses an ongoing risk to your assets.

How can I verify if a website is officially from OKX?
Always manually type the URL 'www.okx.com' into your browser. Check for the correct domain and SSL certificate, and avoid clicking links from emails or messages.

What is an anti-phishing code and how do I set it up?
This is a personalized code set in your account security settings. OKX includes it in all legitimate emails, helping you distinguish real messages from phishing attempts.

Are there any legitimate airdrops or giveaways from OKX?
Official giveaways are only announced on the OKX website or verified social media channels. Never participate in offers received via private message or unverified sources.

What steps should I take if I suspect I’m talking to a scammer?
Cease all communication immediately. Do not share any information. Contact OKX support through official channels to report the incident and confirm the user’s identity.

How can I safely participate in OTC trading?
Use only the official OKX platform for OTC trades. Verify buyer/seller ratings and trade history, and never agree to move transactions off-platform.

Staying vigilant and following these guidelines can significantly reduce your risk of falling victim to scams. Always prioritize security and verify through official channels when in doubt.