Slow Mist CISO: Beware of SMS phishing attacks by Binance users, suggest Binance officials thoroughly investigate the issue

Odaily Planet Daily reported that according to CISO 23pd of SlowMist, a warning was posted on X platform, "Attention, there has been a latest SMS phishing attack targeting Binance users. Recently, two people received the same phishing message on the same day, and the phishing message appeared in the conversation thread of Binance's official message, in the same context as the previous official message, sharing the same channel. What's even more astonishing is that the time span is quite large, and the official message environment has been accurately forged. The current possible explanation is that the SMS channel has been exploited or hijacked by phishing individuals. The first text message did indeed come from an official number, but later received a fraudulent message, which may indicate: 1. Scammers forged official SMS sources (SMS Spoofing) They use technological means to forge SMS sending numbers, making them appear consistent with official numbers, allowing phishing messages to infiltrate official conversation threads. 2. They exploit SMS gateway vulnerabilities or supply chain attacks Scammers may have attacked SMS gateways or exploited security vulnerabilities of operators/third-party SMS service providers to successfully embed phishing messages into official channels. There may even be cooperation with unscrupulous SMS suppliers who directly forge official SMS replies, making it difficult for users to distinguish between authenticity. Please check with Binance officials to identify the problem, and at the same time, please raise your security awareness and pay attention to fund security