I. What is phishing attack?
Phishing-attack refers that hackers defraud user name, password, ID, capital and other sensitive personal information by claiming that they are staff from MXC, operation department or customer-service division to gain trust from users.
II. How do Hackers Steal User's Information?
- Virus: Hackers may be able to create a fake website as same as MXC official website. Then, they send the address of the fake website to user’s computer via virus program, email, etc., or put it on search website for users to sign in. In such ways, they are able to steal users’ account, password and assets.
- Short message: Hackers often send short messages to users in the name of MXC to inform users that they won a prize or their accounts were stolen as ways to push users enter the address in the short message to do ID verification. If users do so, their accounts, passwords and their assets will be stolen.
- Counterfeit website: Hackers may first create a counterfeit website, and then spread information of promotions often with coveted prizes via QQ, WeChat and other social medias to induce users to log in the counterfeit website. If users do so, their accounts, passwords and their assets will be stolen.
- Emails: Hackers often send a large amount of emails to users to pretend to be MXC official emails. These emails often involve information of prize giveaway, system upgrading, etc., to induce user to login a website that similar to MXC official website. Once users log in these kinds of websites, their personal information, therefore their assets will be stolen.
- Hackers also like to send phishing links in MXC community groups to induce users to login counterfeit website.
III. How to anti-phishing?
- We recommend users to use chrome browser for it is more secure. Users shall upgrade it into its latest version.
Note: Chrome is a product of Google. It is of relatively high security level that is generally recognized by the public. Upgrading to the latest version is required because the lower versions often have many bugs. For example, the phishing-attack link of Punycode:
- Do not install browser plug-in without check.
Note: Plug-ins often have very high authority. If you add any plug-ins without check, you are then under the risks of account stolen. For example, the “User-Agent Switcher” event of Chrome.
- Do not open suspected links, or enter MXC account & password to unidentified website.
- Install antivirus program to check computer and cellphone regularly.
- Update system paddings timely.
- Do not send MXC verification code to anyone.
- Before login, users should make sure that the site is MXC official website. For unknown domain, please contact our customer service for help.