Cryptocurrency exchange Binance recently encountered a new type of scam that targeted its customer support team and internal workflows rather than its customers directly.
The service team received a complaint from a user claiming to have been scammed by someone posing as a Binance executive. The user said that the individual promised to help resolve some issues, but disappeared after the user transferred money, according to Sisi, a Chinese Binance customer service representative, in a post on X (formerly Twitter).
“Out of a sense of responsibility to our users, we conducted an in-depth investigation, and the more we investigated, the more suspicious it seemed.”
In a simple scam, the user sent Binance’s support team fake screenshots of a Telegram chat with the “executive” and manipulated transfer records to make it appear that they had been deceived into transferring funds.
“The so-called ‘executive’ didn’t verify any details at all, only asking for the name of the ‘project,’ and didn’t even put on an act. The user, however, had ‘absolute trust’ and transferred money without hesitation,” according to the X post, which raised suspicion.
“The transaction records provided by the user were also strange,” the post added. The user initially claimed that the wallet address used by the supposed executive started with “TP,” but Binance’s blockchain data showed that the address actually initiated the transfer. The scam address was likely the user’s own address.
When Binance requested the real-time chat log, the user claimed that the “executive” had enabled privacy mode and the message history had been deleted.
The team initially thought that the messages came from an imposter account, but then found that the user was questioning a genuine Binance executive account. “The executive himself was completely unaware of the theft, and the account was not compromised.”
It turns out that the user contacted the real executive’s account to create the fake screenshots. “He took the chat logs from the real executive’s account to customer service, requesting verification, attempting to induce a response, and threatening to exert pressure through social media if they didn’t help resolve the issue,” Sisi wrote.
The support ticket was a deliberate attempt to mislead Binance’s customer service team and coerce the company to provide compensation rather than a genuine scam victim report. The incident put Binance’s customer service team to the test, showing how important it is for support teams to spot suspicious behavior quickly and have strong verification checks in place to protect both the business and customers from increasingly convincing scams.
Commenters responding to Binance’s X post suggested that the same wallet address had been used in an attempt to scam the HTX (formerly Huobi) crypto exchange.
Another commenter joked: “This is a scammer with a conscience, at least he didn’t bully retail investors.”
“Similar scams happen every day. In the past, we rarely shared our experiences proactively due to concerns, which allowed scammers to thrive and, to some extent, fueled speculative behavior by certain interest groups,” Binance stated.
“This time, we’ve decided to break our silence. The purpose of this public sharing is to raise awareness and prevent new types of scams.”
Binance took the opportunity to remind customers that it will not contact them through unofficial channels, or request them to transfer funds to designated addresses. “[W]e will resolutely expose and pursue legal action against those who attempt to frame Binance or mislead the public through fraud or deception,” the X post added.
The cryptocurrency industry attracts scammers because it combines high-value assets, global reach, and a level of complexity that many users are still learning to navigate. Transactions are processed quickly and can’t usually be reversed, so once money is gone, it’s hard to recover. On top of that, wallets aren’t always tied clearly to real-world identities, which makes it harder to track down bad actors. Scammers can rely on social engineering to trick users into giving up credentials or funds without ever needing to break into the technology itself.
Customer Service Teams Are Becoming the Front Line Against Fraud
The threat landscape facing customer service teams is shifting, as they are increasingly being treated as attack surfaces.
As scams get more sophisticated, fraudsters are shifting away from hacking systems and instead trying to manipulate people using social engineering tactics like phishing and spoofing. This puts pressure on customer service operations, where process gaps can be exposed, and means frontline agents need more than just good service skills. They also need to think critically to spot inconsistencies and have a basic understanding of how fraud typically works. It highlights why close coordination between customer-facing and security teams matters, so that agents can quickly escalate concerns and verify claims across internal systems, instead of relying only on what a customer submits.
Agents also need to feel confident pushing back on stories that don’t quite add up, especially when they are presented with urgency or emotional appeal.
Customer service teams are increasingly acting as a line of defense for customers as well as the business. Clear verification steps, access to reliable internal data, and ongoing training on new scam tactics can help teams avoid costly mistakes without eroding the customer experience for legitimate users.
