Fake Binance Two-Factor Authentication Reset Scams
Attackers use fake Binance security alerts to trick users into resetting their 2FA to an attacker-controlled method. Any unexpected 2FA change request should be verified directly at binance.com — never through an email link.
Part of: Fake Two-Factor Authentication Scams
Last reviewed: 7 June 2026
Two-factor authentication is the primary security control protecting Binance accounts from unauthorized access. Because attackers know this, they specifically target the 2FA method itself: either tricking users into resetting it to a method the attacker controls, or intercepting one-time codes at the moment they are entered on a phishing page.
Fake Binance 2FA scams arrive in several forms: phishing emails warning that the account's 2FA has been disabled and urging immediate re-enrollment; fake support calls claiming that an outdated authentication method needs to be upgraded; and SIM-swap attacks that redirect SMS-based 2FA codes to the attacker's device.
Binance's genuine 2FA management is available in Account Settings > Security on the official platform. Changing 2FA requires confirming the current method before setting a new one. Any communication that bypasses this process — asking for the current 2FA code while claiming to replace it — is an attack.
How this scam works on the Binance brand
A phishing email claims that Binance has detected that the user's Google Authenticator is 'outdated and vulnerable' and that a mandatory upgrade requires clicking a link and scanning a new QR code. The QR code on the phishing page is for the attacker's own authenticator; enrolling it gives ongoing 2FA control to the attacker rather than to the user.
A phone-based variant involves a caller claiming to be Binance security, saying the victim's SMS 2FA has been compromised and needs to be deactivated. The caller asks the victim to provide the current OTP 'to verify identity and process the deactivation' — which the attacker uses in real time to access the account.
Binance's genuine 2FA change process is done entirely within the platform, requires confirmation of the existing method, and is logged in the Security Log. Binance does not send QR codes for authenticator re-enrollment via email links, and no Binance agent needs the current OTP to process a security change on your behalf.
Common red flags
- An email with a new authenticator QR code to scan, claiming your current 2FA is outdated or compromised
- A caller asking you to provide your current OTP 'to deactivate compromised 2FA'
- A 2FA 'upgrade' link in an email leading to any domain other than binance.com
- Unexpected SMS OTP messages arriving when you have not tried to log in
- An email claiming your Binance authenticator must be 'migrated' within a specific window
- Any 2FA change request that claims to be initiated by Binance rather than by you
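The link and wording red flags above can be checked mechanically when triaging a reported email. The following is an added example, not code from Binance or from this page; the function names, the regex patterns and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from urllib.parse import urlsplit

OFFICIAL = "binance.com"  # the only domain the page treats as legitimate
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
TWOFA_RE = re.compile(r"2fa|two-factor|authenticator|\botp\b|qr code", re.I)
PRESSURE_RE = re.compile(r"outdated|vulnerable|compromised|migrat|mandatory|within \d+ (?:hour|day)", re.I)
QR_RE = re.compile(r"scan\w* .{0,40}qr code", re.I | re.S)

def is_official(url: str) -> bool:
    """True only when the URL's parsed host is binance.com or a subdomain of it."""
    try:
        host = (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:  # malformed URL: treat as untrusted
        return False
    return host == OFFICIAL or host.endswith("." + OFFICIAL)

def triage(raw_email: str) -> list[str]:
    """Return the red flags from the list above that a raw message matches."""
    msg = message_from_string(raw_email, policy=policy.default)
    part = msg.get_body(preferencelist=("plain", "html"))
    text = f"{msg['subject'] or ''}\n{part.get_content() if part else ''}"
    urls = [u.rstrip(".,;)") for u in URL_RE.findall(text)]
    flags = []
    if not TWOFA_RE.search(text):
        return flags  # message is not about 2FA at all
    off = [u for u in urls if not is_official(u)]
    if off:
        flags.append("2FA link off binance.com: " + ", ".join(off))
    if PRESSURE_RE.search(text):
        flags.append("claims 2FA is outdated/compromised or sets a deadline")
    if QR_RE.search(text):
        flags.append("asks you to scan a QR code")
    return flags

# Constructed sample message (not a real email; .example hosts are reserved).
SAMPLE = """\
Subject: Mandatory Google Authenticator upgrade

Your authenticator is outdated and vulnerable. Migrate within 24 hours:
https://binance.com.auth-upgrade.example/2fa and scan the new QR code.
Help: https://www.binance.com/en/support
"""

if __name__ == "__main__":
    for flag in triage(SAMPLE):
        print("RED FLAG:", flag)
```

The host comparison is done on the parsed hostname rather than by substring search, so a link that merely contains the text "binance.com" is still flagged.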
How to protect yourself
- Manage all 2FA changes exclusively within the official Binance app at Account > Security
- Never scan a QR code for a 2FA setup sent in an email or provided by a caller
- Never provide a current OTP to anyone — a legitimate 2FA change does not require sharing an existing code
- Use an authenticator app rather than SMS for Binance 2FA to remove SIM-swap exposure
- Review the Binance Security Log after any unusual contact to check for unauthorized 2FA changes
How to report it
- Report immediately to Binance at binance.com/en/support if you suspect your 2FA has been compromised
- Forward phishing emails to [email protected]
- Report to IC3.gov (US) or Action Fraud (UK)
- Contact your mobile carrier if a SIM swap is suspected
Frequently asked questions
Can Binance force a 2FA reset on my account?
Binance can, in exceptional circumstances, reset 2FA after extensive identity verification — but this process is initiated by the account holder through official support, not through an unsolicited email or call. An unexpected 2FA change request is almost certainly an attack.
I scanned a QR code in an email thinking it was a Binance 2FA update. What should I do?
If the QR code was for an attacker's authenticator, they may now have valid 2FA codes for your account. Immediately go to Binance Security settings, remove the compromised authenticator method, set up a new one, change your password, and contact Binance support to flag the incident.
Is SMS 2FA on Binance safe to use?
SMS 2FA provides basic protection but is vulnerable to SIM swap attacks. Binance supports authenticator-app 2FA and hardware security keys, which are significantly more resilient. Switching away from SMS-based 2FA is recommended for any account holding meaningful value.