Is a crypto exchange asking me to re-verify my identity by email a scam?
Phishing emails impersonating crypto exchanges with KYC (know your customer) verification requests are very common. Always log in to the exchange directly — never upload documents via an email link.
Last reviewed: 1 June 2026
Explanation
KYC phishing targets crypto exchange users who are accustomed to periodic identity verification requirements. A fraudulent email claims your account will be restricted unless you resubmit your identity documents through a link. The link leads to a fake exchange login page or document-upload portal. Uploading your identity documents to a fake site results in identity theft — your documents may be used to open accounts in your name, commit financial fraud, or be sold. Real KYC requests from exchanges appear inside your account dashboard after you log in directly. If an exchange genuinely needs updated verification, the request will be visible in your account and any document upload will happen through the exchange's secured platform — not via a link in an unsolicited email.
Common red flags
- Email asks you to upload ID documents via a link rather than inside your account
- Link goes to a domain that differs from the exchange's known address
- Email threatens account suspension within 24-48 hours
- Sender email address is not from the exchange's official domain
What to do now
- Do not click the link or upload any documents
- Log in directly to the exchange and check your account for genuine verification alerts
- If you uploaded documents, report identity fraud to your national fraud service
- Place a fraud alert on your credit file if documents were compromised
Frequently asked questions
Do exchanges ever email KYC requests?
Some exchanges send notification emails about upcoming verification requirements, but genuine requests direct you to log in to your account on their official site — they never include a document upload link directly in the email.