You suddenly receive an email saying your Binance account was logged in from an unfamiliar device, or you open the app and find operations you never performed. The most important things at this moment are staying calm and acting fast. Setting up security properly when you first register on Binance can greatly reduce the chances of this happening. If you don't have the app on your phone yet, download the Binance APP first to handle the emergency.
Emergency Step 1: Freeze Your Account
No matter how you discovered the anomaly, the first thing to do is freeze your account. Once frozen, all trading and withdrawal functions are suspended — nobody can touch your funds.
There are three ways to freeze:
In the APP: Open the Binance APP, go to your profile, find Security Settings, and tap "Disable Account."
On the website: Log into the Binance website, navigate to Account Security, and find the disable option.
Via email: Binance's suspicious login alert emails typically include a "Disable Account" link — click it to freeze immediately.
The freeze operation doesn't require a verification code, specifically so you can execute it quickly in emergencies.
Step 2: Change Your Password
After freezing the account, change your password immediately.
Use the "Forgot Password" function to reset. New password requirements: at least 8 characters, including uppercase and lowercase letters and numbers. Don't reuse a previous password. Don't include personal information like your name or birthday.
Using a password manager to generate a random strong password is recommended.
Step 3: Check Security Settings
After changing your password, inspect the following:
Is your Google Authenticator still the one you set up? If it was changed, you need to rebind it.
Are your linked phone number and email still yours? If they were tampered with, contact support for assistance.
Were any API keys created? Some hackers operate your account through APIs. Check the API management page and delete any unrecognized API keys.
Are there unfamiliar addresses in your withdrawal address book? Delete any addresses you don't recognize.
Step 4: Review Assets and Transaction History
Carefully review:
Whether your spot wallet balance is normal. Whether there are abnormal futures positions. Whether there are withdrawal records you didn't initiate. Whether there are unusual trades, such as buying or selling a coin at an absurd price.
Screenshot all abnormal records — you'll need them when contacting support or filing reports.
Step 5: Contact Binance Support
Find the support entry in the APP or submit a ticket on the website. Clearly describe:
When you discovered the anomaly. Which operations were not performed by you. What emergency actions you've already taken. Whether your account suffered any asset losses.
Support will assist with further investigation. If assets were stolen, you may need to submit additional identity verification materials.
How to Tell If It's a False Alarm
Sometimes suspicious login alerts can be false positives:
You logged in from a new device or network yourself — switching WiFi or using a VPN can trigger location-based alerts.
Someone attempted to log in but failed — Binance notifies you of login attempts, but it doesn't mean they succeeded.
You're using both the web and app simultaneously — this sometimes triggers multi-device login alerts.
How to verify: Check login history in Security Settings. If all login devices, IP addresses, and timestamps match your own activity, it's a false alarm. Accounts created through registering on Binance can view all logged-in devices in Device Management.
Common Causes of Suspicious Logins
Credential stuffing: You used the same password on another site, and after that site's data breach, hackers try your credentials across major platforms.
Phishing links: You clicked a link in an email or on social media that looked like Binance, then entered your password on a fake site.
Phone malware: You downloaded an unknown app that compromised your phone, and your login information was intercepted.
Forgot to log out on a public computer: You logged into Binance at an internet cafe or a friend's computer and forgot to sign out.
How to Prevent It From Happening Again
After completing emergency handling, reinforce with these measures:
Enable Google Authenticator two-factor authentication. Set up a withdrawal whitelist to only allow transfers to designated addresses. Set an anti-phishing code to identify real vs. fake emails. Use a unique strong password not shared with any other website. Regularly check the login device list and remove unused devices.
FAQ
How long does account freezing last before I can unfreeze? You can unfreeze at any time. Go to Security Settings, tap "Enable Account," and complete security verification. It's recommended to investigate all security issues before unfreezing.
Can a suspicious login cause my funds to be automatically transferred out? No. Withdrawals require security verification (verification codes, etc.). Simply logging in successfully doesn't mean they can withdraw. But freezing immediately is still recommended as a precaution.
What if someone reset my Google Authenticator? Contact Binance support and submit identity documents to apply for recovery. This process takes several days, during which the account should remain frozen.
Security Reminder
Build a habit of regularly checking your account security. Review login records weekly and check API keys and withdrawal addresses monthly. Only download the Binance APP from official channels. When you receive any email about Binance, first check whether it contains your anti-phishing code.