How to Spot a Phishing Message:
Urgent call to action or threats - Be suspicious of emails that claim you must click, call, or open an attachment immediately. Often, they'll claim you have to act now to avoid a penalty. This is a common trick of phishing attacks and scams to make you act impulsively before you have the time to do more research.
Tip: Whenever you see a message calling for immediate action take a moment, pause, and look carefully at the message. Are you sure a well-reputable and established institution would need you to act so brashly? Why is a reputable institution so desperate for your money/ business?
Spelling and bad grammar - Professional companies and organizations usually have an editorial team to ensure customers get high-quality and professionally crafted content. If an email message has obvious spelling or grammatical errors, it is very likely a scam. These errors are sometimes the result of awkward translation from a foreign language to English and they would usually rely on translation applications such as the Google / Baidu Translator which would not produce high-quality content as written by a professional editorial team.
Mismatched email domains - If the email claims to be from our Bitflex cryptocurrency exchange but the email is being sent from another email domain like Gmail.com, or microsoftsupport.ru it's probably a scam. We will not use a third-party email domain to send out any emails to customers.
Suspicious links or unexpected attachments - If you suspect that an email message is a scam, don't open any links or attachments that you see.
How to Prevent Phishing:
- Never give any support staff (or anyone else) remote access to your machine - This is the easiest way to steal your wallet and personal information if you give control to a scammer who posed as our support staff.
- Setting up the two-factor authentication (2FA) - This is the most effective method for countering phishing attacks, as it adds an extra verification layer when you log in to your Bitflex account. 2FA relies on users having two things: something they know, such as a password and user name, and something they have, such as their smartphones. Even when your account is compromised, 2FA prevents the use of your compromised credentials, since these alone are insufficient to gain entry.
- Never accept outbound calls asking for your confidential personal information - We will never call you to request confidential personal information such as your login information. If there is someone requesting this, we highly advise that you block the person's number and cease all communication with said person.