The anti-phishing code is a practical security feature from Binance that many users don't even know exists. Simply put, it's an identifier you set for yourself — once configured, every official Binance email will include this identifier. If an email you receive doesn't contain it, the email is fake. To use this feature, you need the genuine app installed from the Binance official website — the official Binance APP. iPhone users can follow our iOS installation guide.

Why You Need an Anti-Phishing Code

Phishing emails are one of the most common scams in cryptocurrency. Scammers impersonate Binance with emails that look identical in sender name, formatting, and even links.

These phishing emails typically use excuses like:

  • "Unusual login detected — verify your identity immediately"
  • "Your account is about to be frozen — please confirm your information"
  • "Congratulations on your airdrop reward — claim it now"
  • "Platform security upgrade — please reset your password"

If you click the link and enter your credentials, the scammer gets them. But with an anti-phishing code, you can instantly tell real from fake just by checking whether your code is present — no need to analyze other details.

Step-by-Step Setup

Step 1: Open Security Settings

In the Binance app, tap the profile icon in the top left to enter your personal center, then find and tap "Security" or "Security Settings."

Step 2: Find the Anti-Phishing Code Option

In security settings, you'll see multiple options including Google Authenticator, phone verification, email verification, etc. Find "Anti-phishing Code" and tap it.

Step 3: Create Your Anti-Phishing Code

The system asks you to enter a custom string of 4 to 20 characters. It can be any combination of letters and numbers — something only you know.

Tips for setting it:

  • Don't use anything too simple like "1234" or "abcd"
  • Don't use personal information like your name or birthday
  • Choose something memorable but hard to guess
  • Don't use the same text as any of your passwords

Step 4: Complete Security Verification

After entering the code, you'll need to verify the action — typically by entering a Google Authenticator or email verification code. Once verified, your anti-phishing code is active.

How to Use It

After setup, you don't need to do anything extra. From now on, every email Binance sends you will automatically include your anti-phishing code, displayed prominently near the top of the email.

The rule is simple:

  • Email contains your anti-phishing code → genuine Binance email
  • Email doesn't contain the code → phishing email
  • Email shows a different code → phishing email

Modifying Your Anti-Phishing Code

If you suspect your code has been exposed or want a new one, you can change it anytime. Same path: Profile → Security Settings → Anti-Phishing Code → Modify.

Changing requires security verification. Once verified, the new code takes effect immediately.

We recommend changing your anti-phishing code every three to six months for enhanced security.

Limitations

While effective, the anti-phishing code has limitations:

Email only: It only helps verify email authenticity. It provides no protection against scams via SMS, phone calls, or social media.

Can't prevent all attacks: If your email account itself is compromised, scammers could see your code in previous emails. While uncommon, it's theoretically possible.

Requires active checking: The code won't automatically block phishing emails. You need to develop the habit of checking for it every time you receive a Binance-related email.

What Else You Should Do

The anti-phishing code is just one part of your security setup. You also need:

Google Authenticator: The most fundamental and important two-factor authentication method.

Strong password: At least 12 characters with uppercase/lowercase letters, numbers, and special symbols. Don't reuse passwords from other platforms.

Withdrawal whitelist: Restrict withdrawals to pre-approved addresses only — even if your account is compromised, funds can't be transferred out.

Regular security checks: Periodically review login history and security settings for anything unusual.

Watch for social engineering: Don't trust messages from anyone on social media, phone, or SMS requesting passwords, verification codes, or link clicks. Binance support will never proactively contact you for this information.

Summary

Setting up an anti-phishing code takes just a minute or two, but the security benefit is significant. People fall for phishing emails every day, losing substantial assets. With an anti-phishing code and the habit of checking, you can easily avoid these traps.