Sources checked

How we checked this

We reviewed the linked sources and keep this page updated when the record changes. Use the source list below to verify the details.

Source links attached Safety context included Corrections open

Short answer

A request for a selfie or video selfie is not automatically fake. Public cyber-safety authorities warn, however, that criminals often imitate legitimate security checks to pressure users into sharing sensitive information. The safest first move is to avoid replying through the message you received and instead open the exchange app or type the official website address yourself to see whether the same request appears there.

A request for identity material is also different from a request for account secrets. If someone asking for a selfie also asks for your password, one-time code, seed phrase, private key, remote access, or payment, that is a serious warning sign.

Summary: A video selfie can be part of a genuine account check, but you should only trust it after confirming it through an official channel you opened yourself.

Context

Scammers use branding, urgency, and fear because those tactics can make people act before they verify the sender. Public cyber-security guidance consistently treats phishing and impersonation as verification problems, not just message-format problems. In other words, the fact that a request mentions security or identity does not make it trustworthy on its own.

That matters during account holds, login problems, or withdrawal delays. Extra checks may be legitimate, poorly explained, or fraudulent; the message alone does not settle that question. A safer approach is to verify first, then decide whether to proceed.

What a legitimate request may have in common

Because the current source set is limited to public cyber-safety guidance rather than exchange-specific help pages, the points below should be read as cautious safety patterns, not universal rules for every platform.

It should be independently verifiable

A lower-risk request is one you can confirm after you independently open the official app or website. If the request exists only in an email, text, social message, or chat thread, you have less reason to trust it.

It should stay limited to identity confirmation

A genuine review may focus on confirming who you are. It should not require you to hand over control of the account or device. Requests for login credentials, authentication codes, recovery phrases, or remote screen access fit common phishing patterns described by public cyber authorities.

It should give you a clear submission path

Before sending any ID, selfie, or video, confirm where the material is being uploaded. If the destination is unclear, off-platform, or impossible to verify independently, the risk increases.

Signals to compare before you send anything

Date checked: This guidance was reviewed against the currently supplied source set at the time of revision. It does not confirm any single exchange's current verification process, document list, timelines, or biometric handling practices. Re-check the platform's official help and privacy pages before uploading personal material.

SignalLower-risk patternHigher-risk patternWhy it matters
How contact startedYou can confirm it inside the official app or siteIt depends on a link, DM, text, or unsolicited chatIndependent verification helps reduce phishing risk
What is requestedIdentity-related material onlyPasswords, 2FA codes, seed phrases, private keys, remote access, or paymentLegitimate identity checks should not require account secrets
ToneProcedural, limited, and checkableUrgent, threatening, or emotionalPressure is a common social-engineering tactic
Upload routeClearly tied to the official platformRandom file link, personal address, or unclear portalUnverifiable destinations raise impersonation and privacy risk
Your ability to pauseYou can stop and confirm through official channelsSender tries to stop you from checkingResistance to verification is a red flag

What to do next

Practical checklist

If you receive a video-selfie request, use this order before sending anything:

  1. Do not use the message link first. Open the app or type the official domain manually.
  2. Check whether the request appears inside your account or a confirmed support page. If not, slow down.
  3. Do not share secrets. Never send passwords, one-time codes, seed phrases, or private keys.
  4. Do not grant remote access. Do not install screen-sharing tools or let anyone control your device.
  5. Open a fresh support contact through the official site or app if you are unsure. Ask whether the request is genuine and where documents should be uploaded.
  6. Keep records. Save screenshots, timestamps, sender details, and any links or domains involved.
Red flags that justify stopping

Pause and verify again if any of the following happens:

  • You were contacted unexpectedly through social media, chat, or direct message.
  • The sender says your funds will be lost immediately unless you comply.
  • The request expands from identity proof into credentials or wallet access.
  • The upload destination looks unfamiliar or cannot be matched to the official platform.
  • The sender discourages you from checking through the official app or website.

What not to assume

Do not assume that every selfie request is fraudulent. Do not assume that a branded message is safe either. The more reliable test is whether you can verify the request independently and whether the request stays within reasonable identity-check boundaries without asking for secrets or device control.

Conclusion

A video selfie request can be consistent with a genuine account-security check, but it can also be copied by impersonators. The safest response is to verify through the official platform first, limit what you share, and treat urgency or requests for credentials as warning signs.

Sources

  • CERT Polska — official cyber-security alerts and guidance on phishing and impersonation.
  • NASK — official public cyber-safety resources.
  • Gov.pl: Cyberbezpieczeństwo — government cyber-security guidance on safe verification and phishing precautions.

Update log

  1. 17 Jul 2026Published with source tracking and reader-safety context.
  2. CorrectionsIf a source changes or a claim needs clarification, this page can be updated from the editorial desk.