Dear MAX/MaiCoin User,
Amidst a recent increase in phishing incidents, we have observed that fraudulent groups and hackers are using phishing emails and websites to obtain users' personal data, including account passwords.
To counter this, we have implemented a 24-hour withdrawal hold following any password reset. This feature provides a critical safety buffer for users, preventing the malicious withdrawal of assets. Concurrently, our internal teams are continuously working to strengthen our system's security mechanisms to protect your assets.
We urge you to remain vigilant and partner with us in creating a more secure trading environment by adopting the following protective measures.
Common Attack Methods
Be aware of these common tactics used by attackers:
- Taking control of a user's computer to access their registered email account, then using that access to reset the platform password.
- Using fake third-party verification pages or exploiting cloud-sync features of authenticator apps to steal 2FA codes and seize account control.
- Combining a stolen platform password with a compromised 2FA code to steal account information and assets.
Essential Security Measures for Your Account
To protect your account, you must take the following actions:
- Set a Strong Password:Avoid using passwords related to personal information (e.g., birthdays, names). We strongly recommend using a unique, complex password and changing it periodically.
- Enable Two-Factor Authentication (2FA):Secure your account with a dedicated authenticator app (like Google Authenticator). For maximum security, avoid using the cloud sync or backup features within your authenticator app.
- Keep Your Devices Secure:Regularly scan your computer and mobile phone for malware to ensure your devices are clean and secure.
- Beware of Phishing Emails and Websites:Never click on suspicious links or attachments in emails. Do not provide your personal information or login credentials on any unverified website. Always double-check the URL.
- Regularly Check Your Email Account:Monitor your email inbox and settings frequently. A new tactic used by hackers involves setting up filters to automatically move exchange notifications to spam or trash, preventing you from seeing critical security alerts.
- Be Alert for Unusual Activity:If you notice any suspicious activity on your account, please contact our customer support team immediately.
- Secure Your Browser:When logging in through a web browser, avoid using untrusted third-party extensions. For a safer session, consider using Incognito or Private mode, which typically disables all extensions by default.
- Official Communication Channels:Please be aware that our official social media channels (Facebook, Instagram, Telegram, X/Twitter, etc.) will NEVER do the following:
- Send you a private message asking for your password, 2FA codes, or seed phrases.
- Direct you via message or email to download a separate or third-party application.
- Ask you to temporarily disable any of your security settings.
- If you encounter any suspicious activity or communication, please report it and verify through our official website or customer support channels only.
Additional Security Reminder
Be vigilant for any SMS verification codes you did not request or suspicious emails about a MAX password reset or 2FA removal. If your phone is lost, your device is compromised, or your email account has been hacked, it is crucial that you contact customer support or self-freeze your account immediately.
Thank you for your continued support.
Sincerely,
MaiCoin Team