KuCoin aims to protect user privacy and assets from infringement. Our security team has been constantly improving related mechanisms and performing periodically reviews to protect user privacy and assets.
Please take the necessary protective measures below to ensure the security of your personal information and accounts. Meanwhile. please follow our guidance to understand common fraud tactics in the industry, as detailed below:
Part 1. Restrict login IP
We recommend that you turn on this feature. When your login IP changes, the account protection mechanism will be immediately triggered and you will be logged out automatically.
Part 2. Anti-phishing Safety Phrase(Email/Login/Withdrawal Safety Phrase)
In order to prevent phishing emails and phishing websites, please go to set your security anti-phishing safety phrase (such as a motto, etc.). When you log into the website or receive an email, it will display in the email from KuCoin or login window. If it is not displayed or the safety phrase is incorrect, it means that you may log into the phishing site or receive a phishing-email, then please do not proceed any further.
Part 3. Official Media Verification
To prevent any frauds in the name of KuCoin, you can confirm an official KuCoin contact or domain by entering the telephone number, email, WeChat, Telegram, Skype, Twitter, or website address in the search bar.
Part 4. Phishing Sites
In a phishing scam, the attacker tries to disguise themselves as a trustworthy entity in order to trick you into giving them sensitive information that can be used to gain access to your devices and accounts and steal your money. It is, therefore, important that our clients be very careful and learn good habits to help avoid these scams. Here are some important things to remember that can help keep your KuCoin account secure from phishing scams:
What should I look out for?
- Every time you log into your account, we recommend double-checking that you are visiting the correct URL https://www.kucoin.com, which you can find below. You should bookmark it right away.
- Check that the URL address starts with https://
- Check the Site Certificate to see whether a website is safe to visit. If you are using Google Chrome, you can check the security status to the left of the web address (a green lock is an indicator that the website is secure). If you are using a different browser, please look at how to view the Site Certificate in the settings of your browser.
- When typing KuCoin into a search engine (ie Google) or any link sent to you from an external source or website, please double check the URL is legitimate.
- When clicking on Google Ads, ensure that you check the URL is legitimate as phishing sites have been known to place fake advertisements.
- When clicking on any email that looks like it has been legitimately sent from KuCoin, check the sender address. Scammers often send emails with links that look real but actually redirect you to a fake site. Further information on spoof emails is detailed in point 4 below.
Part 5. Fake KuCoin Support Phone Numbers/Phishing - Email
1. Fake KuCoin Support Phone Numbers: Some sites have been known to list a 'support' number for KuCoin. These numbers are not legitimate support numbers as WE DO NOT CURRENTLY OFFER SUPPORT VIA PHONE. Scammers regularly set up these numbers and when users phone, they are hoping to obtain your personal account details to access your account.
- Never phone any number that claims to offer KuCoin support.
- Never disclose any of your personal information to a support person over the phone who claims to be a member of the KuCoin support team.
- Be aware that KuCoin support staff will never contact you via the phone. If you receive a call from someone claiming to work for KuCoin support, we recommend you hang up straight away and block the caller from your device.
Phishing - Email: Recently there have been a lot of scam E-mails in the name of "KuCoin Team". When you receive such emails, please make sure to talk to our admins in the Telegram group chat to verify the E-mails.
Below is an example of a scam E-mail
What should I look out for?
- KuCoin will never ask for payment via emails.
- KuCoin will never ask you to send payment to a specific address via E-mail.
- KuCoin staff will never ask you for your password or two-factor authentication details.
Part 6. Scammers on Twitter/Telegram
Twitter: It is always a great idea to keep up to date with KuCoin via Twitter. However, always be sure you are on the official KuCoin twitter account. Copy accounts will duplicate everything they can to seem like the real deal. However, always double check the Twitter handle is @kucoincom.
What should I look out for?
- It is a good idea to bookmark our official Twitter page or access it through our website.
- The only KuCoin account on Twitter is@kucoincom, anything else is a spoof.
- Always make sure both name & username match the official account.
- Spotting a fraudulent account:
Telegram: Remember that we will never ask you to send money to any address for any reason. If someone asks you to do this, they are trying to scam you and they should be ignored. Report these users to an administrator privately.
Below are some examples of a Telegram scammer
Part 7. Other Security Tips
- We recommend you change your KuCoin password regularly and use a password you do not use anywhere else.
- Activate or upgrade your 2FA to dynamic code, for example, Google Authenticator.
- Regularly check to see if your e-mail has been compromised. Go to:https://haveibeenpwned.com/ or https://hacked-emails.com/verified_leaks.
- Enable 2FA on your E-mail account.
- Regularly change your E-mail account password.
- Create a new E-mail address that is used ONLY for KuCoin for maximum security.