How we checked this
We reviewed the linked sources and keep this page updated when the record changes. Use the source list below to verify the details.
Short answer
A request for a selfie or video selfie is not automatically fake. Public cyber-safety authorities warn, however, that criminals often imitate legitimate security checks to pressure users into sharing sensitive information. The safest first move is to avoid replying through the message you received and instead open the exchange app or type the official website address yourself to see whether the same request appears there.
A request for identity material is also different from a request for account secrets. If someone asking for a selfie also asks for your password, one-time code, seed phrase, private key, remote access, or payment, that is a serious warning sign.
Summary: A video selfie can be part of a genuine account check, but you should only trust it after confirming it through an official channel you opened yourself.
Context
Scammers use branding, urgency, and fear because those tactics can make people act before they verify the sender. Public cyber-security guidance consistently treats phishing and impersonation as verification problems, not just message-format problems. In other words, the fact that a request mentions security or identity does not make it trustworthy on its own.
That matters during account holds, login problems, or withdrawal delays. Extra checks may be legitimate, poorly explained, or fraudulent; the message alone does not settle that question. A safer approach is to verify first, then decide whether to proceed.
What a legitimate request may have in common
Because the current source set is limited to public cyber-safety guidance rather than exchange-specific help pages, the points below should be read as cautious safety patterns, not universal rules for every platform.
It should be independently verifiableA lower-risk request is one you can confirm after you independently open the official app or website. If the request exists only in an email, text, social message, or chat thread, you have less reason to trust it.
It should stay limited to identity confirmationA genuine review may focus on confirming who you are. It should not require you to hand over control of the account or device. Requests for login credentials, authentication codes, recovery phrases, or remote screen access fit common phishing patterns described by public cyber authorities.
It should give you a clear submission pathBefore sending any ID, selfie, or video, confirm where the material is being uploaded. If the destination is unclear, off-platform, or impossible to verify independently, the risk increases.
Signals to compare before you send anything
Date checked: This guidance was reviewed against the currently supplied source set at the time of revision. It does not confirm any single exchange's current verification process, document list, timelines, or biometric handling practices. Re-check the platform's official help and privacy pages before uploading personal material.
| Signal | Lower-risk pattern | Higher-risk pattern | Why it matters |
|---|---|---|---|
| How contact started | You can confirm it inside the official app or site | It depends on a link, DM, text, or unsolicited chat | Independent verification helps reduce phishing risk |
| What is requested | Identity-related material only | Passwords, 2FA codes, seed phrases, private keys, remote access, or payment | Legitimate identity checks should not require account secrets |
| Tone | Procedural, limited, and checkable | Urgent, threatening, or emotional | Pressure is a common social-engineering tactic |
| Upload route | Clearly tied to the official platform | Random file link, personal address, or unclear portal | Unverifiable destinations raise impersonation and privacy risk |
| Your ability to pause | You can stop and confirm through official channels | Sender tries to stop you from checking | Resistance to verification is a red flag |
What to do next
If you receive a video-selfie request, use this order before sending anything:
- Do not use the message link first. Open the app or type the official domain manually.
- Check whether the request appears inside your account or a confirmed support page. If not, slow down.
- Do not share secrets. Never send passwords, one-time codes, seed phrases, or private keys.
- Do not grant remote access. Do not install screen-sharing tools or let anyone control your device.
- Open a fresh support contact through the official site or app if you are unsure. Ask whether the request is genuine and where documents should be uploaded.
- Keep records. Save screenshots, timestamps, sender details, and any links or domains involved.
Pause and verify again if any of the following happens:
- You were contacted unexpectedly through social media, chat, or direct message.
- The sender says your funds will be lost immediately unless you comply.
- The request expands from identity proof into credentials or wallet access.
- The upload destination looks unfamiliar or cannot be matched to the official platform.
- The sender discourages you from checking through the official app or website.
What not to assume
Do not assume that every selfie request is fraudulent. Do not assume that a branded message is safe either. The more reliable test is whether you can verify the request independently and whether the request stays within reasonable identity-check boundaries without asking for secrets or device control.
Conclusion
A video selfie request can be consistent with a genuine account-security check, but it can also be copied by impersonators. The safest response is to verify through the official platform first, limit what you share, and treat urgency or requests for credentials as warning signs.
Sources
- CERT Polska — official cyber-security alerts and guidance on phishing and impersonation.
- NASK — official public cyber-safety resources.
- Gov.pl: Cyberbezpieczeństwo — government cyber-security guidance on safe verification and phishing precautions.
Update log
- 17 Jul 2026Published with source tracking and reader-safety context.
- CorrectionsIf a source changes or a claim needs clarification, this page can be updated from the editorial desk.