I. What is a phishing attack?
Phishing-attack refers that hackers defrauding usernames, passwords, ID, capital and other sensitive personal information by claiming that they are staff from MEXC, operation department or customer-service division to gain trust from users. 

II. How do Hackers Steal Users' Information?
1. Virus:
Hackers may be able to create a fake website that looks the same as MEXC's official website. Then, they send the address of the fake website to the user’s computer via virus program, email, etc., or put it on a search website for users to sign in. In such ways, they are able to steal users’ account, password and assets.

2. Short message:
Hackers often send short messages to users in the name of MEXC to inform users that they won a prize or their accounts were stolen as ways to push users to enter the address in the short message to do ID verification. If users do so, their accounts, passwords and their assets will be stolen.

3. Counterfeit website:
Hackers may first create a counterfeit website, and then spread information of promotions, often with coveted prizes via QQ, WeChat and other social medias to induce users to log in to the counterfeit website. If users do so, their accounts, passwords and their assets will be stolen.

4. Emails:
Hackers often send a large amount of emails to users to pretending to be MEXC official emails. These emails often involve information of prize giveaways, system upgradings, etc., to induce users to login to a website that looks similar to MEXC official website. Once users log in these kinds of websites, their personal information and assets will be stolen.

5. Hackers:
Hackers like to send phishing links in MEXC community groups to induce users to log into counterfeit websites.

III. How to prevent anti-phishing?
1. We recommend users to use chrome browsers as it is more secure. Users shall upgrade it to its latest version.

Note: Chrome is a product of Google. It has relatively high security level that is generally recognized by the public. Upgrading it to the latest version is required because the lower versions often have many bugs. For example, the phishing-attack link of Punycode: https://blog.csdn.net/qq_27446553/article/details/70255763

2. Do not install browser plug-ins without checking. 
Note: Plug-ins often have very high authority. If you add any plug-ins without checking, you are then under the risk of getting your account stolen. For example, the “User-Agent Switcher” event of Chrome.

3. Do not open suspicious links, or enter MEXC accounts & passwords on unidentified websites.

4. Regularly check your computer and cellphone by installing antivirus program.

5. Update system paddings timely.

6. Do not send your MEXC verification code to anyone.

7. Before login, users should make sure that the site is MEXC's official website. For unknown domains, please contact our customer service for help.