Cyber criminals have recently adopted ingenious ways to obtain your personal information (e.g. your login details, SMS OTPs, etc.) so that they can take control of your financial accounts and funds - a technique known as phishing. Victims of phishing end up incurring hefty financial losses from unauthorized charges to their e-wallets. However, you can protect yourself from such fraud attempts with simple tips such as the ones below:
1. Avoid sharing sensitive information with others
Please DO NOT share sensitive information associated with your Tokenize Xchange account with anyone. These details include:
2. Look out for phishing attempts
Stay protected by learning the tell-tale signs of a phishing attempt. We’ve put together a few tips to help you get started:
1) What do phishing messages usually look like?
Phishing messages could be in the form of emails, instant messages or even phone calls. On the surface, phishing messages might look legitimate and may ask you to verify an unauthorized transaction, review a payment or perform any other action. However, upon closer inspection, you will notice tell-tale signs that indicate it’s a phishing attempt.
2) How would I know if the message I received is a phishing message?
Please look out for the following to help you identify if the message you received is a phishing attempt.
- Sender’s email address: Check if the sender’s email address looks legitimate, and belongs to the company’s official domain name (e.g. tokenize.xchange)
- Website domain name: If the email asks you to click on a link, always check if the website you are redirected to belongs to the company’s official domain name
- Content of the email: Remember – Tokenize Xchange will never ask you to share sensitive information (e.g. passwords, bank details) via email
- Spelling errors: Look out for misspelt words
- Inconsistent capitalization: Look out for inconsistencies in capitalization (e.g. using tokenize exchange instead of Tokenize Xchange)
- Irrelevant content: Sometimes, the content of the email might not be directly related to the company’s operations (g. a note about brokerage services in an email sent by Tokenize Xchange, when Tokenize Xchange does not offer any brokerage services)
- Incorrect grammar: Look out for lack of appropriate punctuation or incoherent sentences
3. Act accordingly
If you believe the message you have received is a phishing attempt, remember the following tips:
- In the meantime, you can only access your account using the official Tokenize Xchange website domain name: https://tokenizemalaysia.com/ until we have official announcement about releasing our mobile app.
- No one should access or share your account apart from you. Set a complex password and never share your login details to anyone. Not even Tokenize Xchange, your family and your close friends.
- DO NOT reveal to others your private key for wallet and secret key for Google Authenticator.
- DO NOT respond, click on any suspicious links, or open the attachments.
- Tokenize Xchange encourages users to enable 2FA (Two-factor authentication) to ensure that your account stays protected. To enable 2FA, please visit our help centre for detailed instructions.
- If you need additional support from Tokenize Xchange, you may contact our support via live chat on https://tokenizemalaysia.com/ or via email firstname.lastname@example.org
- You can also visit our help centre for additional information on how to safeguard yourself and your personal information.