Download Binance App

How to verify if binance.com is the real official site

2026/4/4 21 min
#Official Site

To verify if binance.com is the real official site, you actually don't need any tools; you can confirm it in three steps. As long as the domain suffix is .com and the main domain is binance, the padlock in the browser address bar is green, and the SSL certificate issuer says Binance Holdings, it is the genuine site. Conversely, domains like binance-cn.com, binancecn.com, bi-nance.com, binance.co, and binanceapp.top are all fake sites. For the easiest way, just redirect to the Binance official site from our site or download the Binance official App. iPhone users should first check the iOS installation guide to switch to a US Apple ID.

First, recognize the 4 fixed characteristics of the real domain

You can never confirm it too many times. The main domain of the real official site is always binance.com, it's impossible to have a - hyphen, it's impossible to have .cn, .top, .xyz suffixes, and it's impossible to lack an SSL padlock.

True vs Fake Comparison Table

Domain Name True/Fake Notes
binance.com True Main site, global overall entry
accounts.binance.com True Login subdomain
www.binance.com True With www automatically jumps to the main site
binance.us True US compliant site, independent product
binance-cn.com Fake Anything with a hyphen is a spoof
binancecn.com Fake Extra letters are definitely fake
binance.co Fake Incorrect suffix
bi-nance.com Fake Hyphen + intermittent letters
binanceapp.top Fake .top is not official
bi1nance.com Fake Replacing letter l with number 1

Method 1: Check the address bar padlock and certificate

This is a judgment that can be completed within 10 seconds. Most fake sites get stuck at this step.

Viewing steps in Chrome

  1. Open the suspicious URL.
  2. Click on the padlock icon to the left of the address bar.
  3. Select "Connection is secure" -> "Certificate is valid".
  4. The "Issued to" field in the popup should be *.binance.com, and the "Issued by" should be a mainstream CA like DigiCert or GlobalSign.
  5. Look at the "Subject Alternative Name (SAN)", it must contain binance.com.

Common flaws in fake sites: The certificate is issued to free-ssl.xxx or self-signed, the SAN says some weird domain names, or the browser directly prompts "Certificate is invalid".

How to view certificates on mobile

iOS Safari: Tap aA on the left of the address bar -> "Website Settings" -> Actually, iOS hides the certificate details, but if the padlock disappears or a red triangle appears, you should be alert. Android Chrome: Address bar padlock -> "Connection security" -> "Certificate information", the steps are the same as on PC.

Method 2: Check registration info via WHOIS

Friends who know a little bit of advanced stuff can use WHOIS to reverse deduce.

Operation steps

  1. Open who.is or run whois binance.com in the command line.
  2. Look at the registration date: binance.com was registered in early 2017, and the registrar is generally MarkMonitor (a common domain hosting provider for large companies).
  3. If you see Registrar: GoDaddy and the registration date is within the last six months, the suspiciousness goes straight up.
  4. Compare the registration dates of suspicious domains, many fake sites were just built a week ago.

Auxiliary judgment signals

  • There should be a complete copyright like "© 2017-2026 Binance.com" at the bottom of the page.
  • You can find the CEO's name (currently Richard Teng) in "About Us".
  • You can see more than 7 language switches in the footer.
  • Fake sites usually only have Simplified Chinese as the only language.

Method 3: Compare page element fingerprints

The Binance official site has several fixed features that never change, which fake sites can hardly replicate completely.

Fixed feature list

  1. Logo color scheme: Black background with #F0B90B golden yellow, hexahedron icon.
  2. Top scrolling bar on the homepage: Always displays real-time prices for BTC/ETH/BNB.
  3. "Services" column in the footer: Fixedly displays over 10 products such as Binance Earn, Binance Pay, and Binance Card.
  4. "Become a VIP" entry: The real site shows tiered VIP 1-9 + MVP.
  5. Language switch: Clicking the globe icon allows you to see multiple options such as "简体中文" (Simplified Chinese), "繁體中文" (Traditional Chinese), "English", "日本語" (Japanese), "한국어" (Korean), etc.

Common fake site loopholes

  • Clicking the customer service button in the bottom right corner pops up WeChat/QQ, this is 100% a fake site.
  • When registering, it only asks for a mobile phone number but not an email, fake.
  • Promising "30% cashback" or "withdraw without KYC", fake.
  • Deposits only accept a specific USDT address to "Customer Service", fake.
  • The page uses "Baidu Analytics" or "CNZZ" statistical code, fake.

Method 4: Reverse check from the App

The real official site and the official App share the same account system and can verify each other.

Verification flow

  1. First install the Binance official App on your phone.
  2. Complete the login in the App -> Profile -> Account -> Find the UID number (9 digits).
  3. Open the suspicious URL in your computer browser and enter the same account and password.
  4. After logging into the real official site, the UID displayed in the top right corner of the page must match the one in the App.
  5. Inconsistent UIDs, or an incorrect password prompt, means 99% that the fake site is trying to steal your account and password.

Caution reminder: Do not use your main account for testing, it is best to use a newly registered secondary account to avoid password leakage.

Method 5: Check JS request whitelist

Friends who know F12 have a killer trick.

Look at the Network panel

  1. Press F12 to open developer tools -> Network tab.
  2. Refresh the page.
  3. Look only at the Domain field of the requests. XHR requests on the real official site will only hit these domains: api.binance.com, www.binance.com, bin.bnbstatic.com, and CDN nodes like static-file-1307370181.cos.ap-shanghai.myqcloud.com.
  4. If you see requests hitting strange domains like tk10086.com, xxxstat.cn, yyy-collect.com, close it immediately.

Look at Cookie domains

The core cookies of the real site are attached to .binance.com or .accounts.binance.com. Fake sites usually cram tracking cookies under third-party statistical domains, which is very obvious.

The correct way to save browser bookmarks

The easiest way to prevent fake sites is actually to use bookmarks well, and not type the domain name manually every time.

Suggested actions

  1. Immediately press Ctrl + D to add a bookmark after entering from the official entrance for the first time.
  2. Change the bookmark name to "Binance", and save the icon together.
  3. Drag the bookmark to the far left of the bookmark bar.
  4. From then on, always enter via the bookmark. Do not click on any search result ads or WeChat links.
  5. Check once a quarter whether the bookmark still points to binance.com.

FAQ

Q1: Isn't the first search engine result the official site?

A: No guarantee. Google, Bing, and Baidu all have bidding ad slots, and the real official site doesn't necessarily buy bids. There is a high probability that the first 1-2 with the "Ad" tag are fake sites. You need to look at whether the domain name is binance.com yourself before clicking.

Q2: What is the relationship between binance.us and binance.com?

A: Both are genuine, but target different markets. binance.us is the US compliant version, which only supports USD and limited coins; binance.com is the global site, supporting more fiat currencies, over 400 coins, and complete futures products. Chinese users default to using binance.com.

Q3: Is it real if the page title says "Binance"?

A: No. Anyone can change the HTML title tag, and just looking at the title will get you scammed. You must check the domain name + SSL certificate + page features all at once.

Q4: What if I joined a fake site chat group and got scammed?

A: Immediately log into your real account from the Binance official site, change your password and 2FA, and freeze the fund pool; then submit a case using the "Ticket System" in the official App, attaching the fake site domain name, chat records, and transfer records; finally, report to the local police for the record.

Q5: There are many similar Binance icons in the mobile app store, how do I choose?

A: For iOS, only search for "Binance" in the US App Store, and the developer should show Binance itself; for Android, the verification method is to download the APK from the binance.com official download page and verify the signature fingerprint. Do not download from third-party app markets.

Q6: Will the real official site ask me to download "security controls" or "certificates"?

A: No. Binance never asks users to download any local controls. Anything asking you to install an exe or a plugin is fake.

Conclusion

To verify if binance.com is the real official site, remember one sentence: Not a single letter in the domain name can be wrong, the certificate must be issued by an authoritative CA, the page features must be complete, and the App UID must match. The easiest operational sequence is to bookmark the entrance from our site or the official App, usually enter from the bookmark, or use the App on mobile, and do not rely on search results or click on chat group links. This way, even if someone throws a highly spoofed domain name in front of you, you can still distinguish it within 30 seconds. One more step of verification adds an extra guardrail to fund security.