Sources checked

How we checked this

We reviewed the linked sources and keep this page updated when the record changes. Use the source list below to verify the details.

Source links attached Safety context included Corrections open

Short answer

Do not trust branding on its own. A message can use a real exchange name, logo, and familiar-looking domain fragments and still be an impersonation attempt. Safer practice is to avoid replying, clicking links, installing software, sharing one-time codes, or sending money until you verify the contact through the exchange's official site or app that you opened independently.

Date check: This guidance was reviewed against the listed public cyber-safety sources for publication readiness, but support channels and platform security features can change. Re-check the exchange's current help or security pages before acting.

Why this happens

Phishing and impersonation rely on copied appearance and pressure. Public cyber-safety guidance warns that suspicious messages may imitate trusted organizations, use convincing language, and push the target to act quickly. That is why the message's look is a weak trust signal by itself.

Weak signals people often overvalue

A copied logo, a display name that matches a real company, a reference number, or a web address that includes the brand name may make a message look familiar. Those details do not, by themselves, confirm who controls the sender address, the reply path, or the site behind the link.

Stronger signals to prioritize

A safer check is to leave the message and reach the exchange through a path you already trust, such as a saved bookmark, a manually typed address, or the official app already installed on your device. Then compare what the message claims with what you can verify inside your account or on the platform's published support and security pages.

What to verify next

1. Verify the contact channel

Start with how the message reached you: email, text, social media, chat app, or phone. If the contact method is unexpected, or does not match the exchange's published support information, treat that mismatch as a warning sign and slow down.

2. Check the full sender details

Do not rely only on the visible sender name. Look at the full email address or account identity if your platform shows it. A familiar brand name in bold is not the same as a verified sender.

3. Inspect the destination, not just the link text

A message can show reassuring button text while sending you somewhere else. Public cyber guidance favors navigating manually to a known destination instead of using links embedded in a suspicious message. If a link asks you to log in urgently, treat that as a reason to verify outside the message.

4. Check the requested action

The most important clue is often what the sender wants you to do. Requests to share one-time codes, move to a private chat, install software, send a payment, or reveal seed phrases or private keys are high risk. Wallet secrets should not be shared with support contacts.

5. Re-enter the exchange independently

Open the exchange directly using your trusted route. Then check whether the same warning, ticket, restriction, or account notice appears inside your signed-in account. A claim that exists only inside the message is weaker than a claim you can verify on the official platform yourself.

6. Review your account from the official platform only

If the message claims there is a freeze, suspicious login, or urgent review, inspect your account from the official site or app only. Review the security information the platform makes available to you, such as recent activity, current sessions, password status, or other visible account protections. Specific features vary by platform.

Which facts need verification?

Before you treat the message as genuine, verify these points through an independent route:

  • Whether the exchange actually uses that contact channel for support or security notices.
  • Whether the full sender identity matches official published information.
  • Whether the exact web address is one you already trust, rather than one that only contains the brand name.
  • Whether the same ticket, alert, or restriction appears inside your real account.
  • Whether the requested action matches normal security practice, rather than pushing you to share codes, wallet secrets, install tools, or pay.

Quick verification table

Signal in the messageWhat it may meanWhat it does not proveSafer next check
Real exchange name or logoPublic branding was copiedThat the message came from the exchangeOpen the official site or app independently and compare support information
Web address contains the brand nameThe sender wants the address to look familiarThat the domain is officialCompare the exact address with the route you already trust
Ticket number or case IDThe message imitates a support processThat a real case existsSign in independently and look for the same case or notice
Urgent warning about account access or withdrawalsThe sender is using pressureThat your account is actually restrictedCheck your account directly on the official platform
Request to continue in a private chat or off-platform channelThe sender is moving you away from normal checksThat this is an approved support pathCompare with published support guidance
Login page that looks correctThe page may copy the real interfaceThat the site is genuine or safeLeave the page and navigate manually instead

Practical checklist before you respond

  1. Do not click the link or use the reply button yet.
  2. Open the exchange through a bookmark, typed address, or official app you already trust.
  3. Check whether the contact channel appears on the exchange's public support or security pages.
  4. Compare the full sender details with what you can verify independently.
  5. Look inside your account for the same alert, ticket, or restriction.
  6. Refuse any request for one-time codes, seed phrases, private keys, remote access, or payment.
  7. Save evidence such as screenshots, timestamps, sender details, and web addresses.
  8. Report the suspected impersonation through the exchange's official reporting path or your local cyber-reporting route, where available.

If you already clicked or replied

Move from verification to containment. Stop engaging with the sender. Return to the official platform directly, review your account security from there, and preserve records of the message, links, and any identifiers used. If you exposed wallet-sensitive information, treat the risk as higher and act through official account and device-security steps only. Because platform tools differ, re-check the exchange's current help and security documentation for the exact options available to you.

Bottom line

When a support message looks convincing but the trust signals are mixed, do not let the branding decide for you. Verify the channel, sender, destination, and requested action through a route you opened yourself. If you cannot confirm those basics independently, do not proceed.

Sources

Update log

  1. 9 Jul 2026Published with source tracking and reader-safety context.
  2. CorrectionsIf a source changes or a claim needs clarification, this page can be updated from the editorial desk.