Hong Kong SFC blacklists fake crypto exchange websites

According to blockchain security experts, it might not be that easy to detect if this or that crypto website is fake, especially for new visitors.

Hong Kong SFC blacklists fake crypto exchange websites

Hong Kong’s financial regulator, the Securities and Futures Commission (SFC), has identified and blocked a set of fake websites impersonating major local cryptocurrency exchanges.

On March 4, the SFC issued an official warning against multiple suspicious websites impersonating two licensed crypto trading platforms. The online perpetrators created several fake domains impersonating two licensed exchanges in Hong Kong, including OSL Digital Securities and Hash Blockchain Limited, also known as HashKey.

According to the announcement, the SFC blocked a total of six websites, including hskexpro.com, hskex.com, hskexs.com, hskexit.com, oslexu.com and oslint.com. The measures followed reports on fund withdrawal difficulties and high fees and commissions for withdrawals.

At the SFC’s request, the Hong Kong Police Force has taken steps to block access to the relevant websites.

The websites are listed on the SFC’s official crypto alert list alongside other fake websites impersonating other crypto exchanges like MEXC. The SFC previously blacklisted eight domains impersonating MEXC on Feb. 9.

Fake website alert list by Hong Kong SFC. Source: SFC

The SFC urged investors to verify trading platforms using its public register of licensed persons and registered institutions, as well as the list of licensed virtual asset trading platforms for relevant information on licensed entities, including their official websites.

“Investors should also refrain from sending money or making any transactions before verifying the counterparty’s identity,” the regulator stressed.

It might not be that easy to detect whether this or that website is original or fake, according to Bartosz Barwikowski, layer-1 security expert at the blockchain security firm Hacken. He noted that it may be particularly difficult when a user accesses a website for the first time.

Related: 4 tips that’ll keep your crypto safe from hackers this bull market

“Sure you could always check on the SEC website if the URL is correct but less than 1% of people would do it,” Barwikowski noted. He recommended users to rely on trusted third parties instead of depending on search engines or social media channels, including Reddit, because results can be easily manipulated by scammers.

Barwikowski highlighted two recommendations for users to stay away from fake websites:

“Use mobile apps instead of websites, they are much harder to fake. Just in case, they should have a lot of reviews before you trust them. Check the website of the third trusted party — it can be a government website or cer.live when it comes to exchanges.”

The news comes a few days after the SFC accepted the last applications from crypto exchanges in the latest round of the licensing cycle on Feb. 29. The crypto exchanges that failed to register submit applications by that date must exit the region within three months.

Related Articles

Responses