Download Binance App

How to Bookmark Binance Official Site to Avoid Phishing Sites

2026/4/7 24 min
#Official Site

The ultimate way to prevent entering fake sites is not to memorize the domain but to pin the real official site into your bookmarks and only enter from there. After your first visit from the Binance Official Site, immediately press Ctrl + D to add a bookmark. On mobile, install the Binance Official App and place the app icon on the first screen of your desktop. iOS users can complete the official app installation according to the iOS Installation Tutorial. By doing these three things, phishing sites will have almost no chance to deceive you.

Why Relying Solely on Memorizing Domains is Unreliable

The accuracy of human eye identification of domains is lower than imagined, especially under Punycode (homograph) attacks.

Scenarios Where Deception is Easy

  1. Search Engine Ad Slots: Baidu, Bing, and Google all have bidding slots, and those who pay for "Binance" keywords are often phishing sites.
  2. WeChat/Telegram Group Links: Scammers forge short links (bit.ly, t.cn) that point to fake sites.
  3. Phishing Emails: Forged "Binance Security Warning" emails with links that actually lead to binance-security.com.
  4. QR Code Fraud: Group members drop a QR code saying it's the official site, but scanning it leads to a fake site.
  5. Mobile Auto-completion: You type half the letters, and the system pushes the fake site you mistakenly clicked last time to the top.

Statistical Data

According to public phishing case statistics: At least 4,000 fake Binance domains were registered in 2025, of which 60% were variants with hyphens or numbers replacing letters; an average of 30-50 new fake sites are added every month.

Method 1: Correct Use of the Chrome Bookmark Bar

This is the most basic line of defense.

Correct Actions

  1. Enter the real site from the Binance Official Site first.
  2. Wait for the page to load completely and confirm the address bar is https://www.binance.com/en.
  3. Press Ctrl + D to bring up the "Add Bookmark" window.
  4. Change the name to "Binance Official Site."
  5. Select "Bookmark Bar" for the folder so it is always displayed at the top of the browser.
  6. Click "Done."
  7. From now on, only enter from this bookmark; do not type it manually.

Bookmark Bar Sorting Suggestions

Fix your 3-5 most frequently used financial bookmarks on the far left: Binance, bank official sites, email; put search engines and other links on the right. Over time, you will develop muscle memory where pressing Ctrl+1 enters Binance.

Method 2: Password Manager as a Backup

Bitwarden, 1Password, and Apple Keychain all support "auto-fill only on matching domains." This mechanism naturally isolates fake sites.

Principles

  1. When saving the Binance password, the bound URL is https://www.binance.com/*.
  2. When encountering a fake site like binance-cn.com, the password manager will not pop up an auto-fill prompt.
  3. You will immediately become alert when you find there is no auto-fill, wondering if you entered a fake site.

Recommended Configuration

  • Bitwarden Settings: Account → Vault → Settings → Match detection select "Hostname matching."
  • 1Password: Strict host matching is default, no changes needed.
  • Chrome Passwords: Settings → Auto-fill → Passwords → Enable only on matching domains.

Add a 2FA Lock

In addition to a password manager, bind Google Authenticator or Binance's built-in 2FA. Even if the password is leaked, you cannot log in without the dynamic code.

Method 3: Mobile Home Screen Shortcuts

For mobile users, the App is more stable than bookmarks.

Android

  1. Download the official APK from the Binance Official Site and install it.
  2. After installation is complete, long-press the App icon → "Add to Home Screen."
  3. Drag the icon to the most prominent position on the first row of the first screen.
  4. From now on, only enter from the home screen icon; do not enter from the browser.

iOS

  1. Switch to a US region Apple ID according to the iOS Installation Tutorial.
  2. Search for "Binance" in the App Store to download.
  3. Place the icon on the first screen.
  4. Open Settings → Screen Time → Content & Privacy Restrictions → Allowed Apps → add Binance to "Always Allowed" to avoid accidental deletion.

Why the App Icon is Safer

  • No need to remember the domain.
  • No need to manually type the URL.
  • Every time you open it, it is the same signed App.
  • Official updates go through the App Store/Play Store and cannot be tampered with by intermediaries.

Method 4: Browser Extension Double Protection

Recommended Extensions

  1. MetaMask's Official Site Detection: Identifies phishing sites.
  2. Bitdefender TrafficLight: Blocks known phishing URLs.
  3. Web of Trust: Community ratings blacklist fake sites.
  4. PhishTank Database: Real-time synchronization of the latest phishing lists.

Configuration After Installation

  • Add binance.com to the "Trust List."
  • Add known fake site keywords (binance-cn, binanceapp, bi-nance) to the blacklist.
  • Turn on "Block instead of just warning" to give yourself no chance for luck.

Method 5: System-level hosts Hard Binding (Advanced)

Technically savvy users can use hosts for a final lock.

Operational Steps

  1. Open C:\Windows\System32\drivers\etc\hosts with Notepad administrator privileges.
  2. Add a comment reminder at the end of the file (optional).
  3. If you find certain fake sites repeatedly polluting your environment, you can point them to 0.0.0.0 in the hosts file to block them directly.

Example

0.0.0.0 binance-cn.com
0.0.0.0 www.binance-cn.com
0.0.0.0 binancecn.com
0.0.0.0 bi-nance.com
0.0.0.0 binanceapp.top

Notes

  • Do not hardcode the real domain binance.com to an IP because CDN IPs change, and hardcoding will lead to access failure.
  • Only change it on your own device; do not touch company computers.
  • It is inconvenient to change hosts on mobile; just use other protection methods.

Method 6: Fix Search Engine Keywords

Many people are used to searching for "Binance" instead of entering the domain, so lock down the search results as well.

Chrome Custom Search

  1. Settings → Search Engine → Manage Search Engines and Site Search → Add.
  2. Name "Binance Official Site," shortcut bn, URL https://www.binance.com/en.
  3. Save.
  4. From now on, typing bn + space + enter in the address bar will jump directly to the real official site.
  5. The entire process does not go through any search result pages, completely bypassing ad slots.

Efficiency Comparison

  • Searching for "Binance" and clicking the result: Requires 3-5 seconds + the mental cost of identifying ads.
  • Using the bn keyword jump: Less than 1 second, zero risk.

Behavioral Habits for Phishing Prevention

Besides technical means, forming good habits is more critical.

The Five "Nos" Principle

  1. No clicking email links: If you see an email saying "Account anomaly, click here to log in," ignore it. If you really want to check, enter the official site from your bookmarks.
  2. No scanning QR codes in groups: Any "Binance entry" QR code in WeChat/QQ/Telegram groups is considered high risk.
  3. No trusting phone numbers: Binance has no Chinese phone customer service. Any call claiming to be "Binance China Customer Service" is a scam.
  4. No downloading third-party APKs: Only get Android APKs from the official download page; do not receive APKs shared by strangers.
  5. No telling passwords to customer service: Binance customer service will not ask for passwords, verification codes, or ask you to download "security controls."

Regular Self-check

  • Once a month, log in to the Binance Official Site under "Account → Security → Device Management" to see if there are any unfamiliar devices.
  • Every quarter, check browser bookmarks to confirm they still point to binance.com.
  • Change passwords every six months and back up 2FA keys to a safe.

Case Warnings: Real Deception Paths

Case 1: Search Ad Phishing

A user searched for "Binance Login" on Baidu and clicked the first result with an "Ad" label, bn-official.cn. The page completely mimicked the official site. After entering the account and password, assets were transferred to the scammer's account in real-time, and a 2FA lock was placed on the UID that could not be undone.

Case 2: Telegram Group Phishing Link

Someone in a group sent "Binance official Chinese customer service group, link: t.cn/abcdef." Clicking it jumped to binance-service.top, which mimicked customer service and asked the user to download an "account activation tool." After running it, the user's keys were stolen.

Case 3: Email Mimicry

A user received an "Account Freeze Warning" email that looked like it was from binance.com. The sender was actually [email protected], linking to a fake login page at binanceaccounts.xyz.

Prevention Summary

The commonality of all cases is that "the user does not enter from bookmarks or the App but follows external links." As long as you insist on entering from the entries you have collected, 99% of phishing will not succeed.

Frequently Asked Questions

Q1: My computer is shared; how can I prevent family members from mistakenly clicking fake sites?

A: Create a "Finance" exclusive user in the browser and only install the password manager and Binance bookmarks under this user. Other family members do not log in to this user. Chrome supports multi-user isolation.

Q2: Are bookmarks still useful in incognito mode?

A: Incognito windows share the bookmarks of the main browser by default. You can see the bookmark bar with Ctrl+Shift+B. However, incognito mode will not save newly added cookies, making it suitable for temporary logins.

Q3: Can I add bookmarks on mobile?

A: Both iPhone Safari and Android Chrome support bookmarks. However, it is more recommended to use App icons on mobile rather than bookmarks to reduce the possibility of browser redirects.

Q4: Are password managers reliable? Will they be leaked?

A: Major password managers (1Password, Bitwarden, Dashlane) use local encryption + zero-knowledge architecture; even the officials cannot get your cleartext password. As long as you set a strong master password + enable 2FA, the risk is extremely low.

Q5: How to judge if an email is official?

A: Look at three things: the sender's domain must be @binance.com or @post.binance.com; hover over all links in the email to see if they point to binance.com; Binance will not proactively ask for passwords or send .exe attachments.

Q6: Will the official proactively call me?

A: No. Binance has no phone customer service in Chinese-speaking regions and only communicates through ticket systems and site messages. Any call, SMS, or WeChat contact should be considered a scam.

Summary

Pinning the Binance official site to bookmarks and App icons is the most efficient way to prevent phishing. Recommended combination: Browser bookmarks + password manager strict domain matching + mobile App icon on the first screen + browser extension for blocking + hosts blacklist as backup. Coupled with behavioral habits like "no clicking email links, no scanning group QR codes, and no trusting unfamiliar calls," phishing sites will almost never deceive you. Spending 5 minutes on configuration can save thousands or even hundreds of thousands in potential asset losses in the future.