How to prevent phishing emails?
Phishing emails are becoming more subtle and convincing. They often blend into your inbox and try to trick you into sharing personal information or even your account credentials. Knowing how to spot these emails is one of the best ways to protect your assets.
How do phishing emails typically work?
Scammers often send emails that look very similar to official messages. Their goal is to deceive you into taking actions that put your account at risk, such as clicking a malicious link or sharing sensitive information.
These emails commonly try to create a sense of urgency or temptation, for example asking you to “verify your account immediately,” “update your information,” or “claim a reward.”
How do I identify a phishing email?
Here are a few simple checks that can help you quickly determine whether an email is genuine:
1. Check the sender's email address
This is one of the quickest ways to identify a suspicious email, OKX uses a set of official email domains. You can view all official contact channels here. If the address looks similar but not exactly the same (for example, “okx.com” changed to “oikx.com” or an unrelated domain), treat the email as suspicious.
2. Review the content carefully
Even if an email looks polished, there are signs that often give away a phishing attempt.
The email directs you to non-official websites
OKX will never ask you to handle account issues through third-party websites.
If you're prompted to log in, verify, or resolve issues on a non-OKX page, the email is unsafe.
The email asks for sensitive information
OKX will never request your password, seed phrase, private key, or identity documents through email.
The email contains odd writing
Many phishing emails have unusual grammar, spelling mistakes, or unnatural wording.
The links don't match the official domain
Hover over any link (without clicking).
If the URL doesn't belong to an official OKX domain, don't open it.
When the email address looks correct but the content feels suspicious
Even if the sender address appears to be official, you should be cautious if the email content includes unusual instructions such as clicking links or providing personal information. In such cases, you should further verify the email's authenticity.
Besides contacting Customer Support, you can also check the email via EML file to confirm whether it was genuinely sent from OKX.
If any of these fields show fail, the email did not pass authentication and is likely sent from an unauthorized source.
spf=fail
dkim=fail
dmarc=fail
Check out “How do I check if an email is officially from OKX using an EML file?” to learn more.
Reminders
Whenever you receive an email that seems unusual, keep the following in mind:
Don't click any links or follow instructions immediately
Phishing emails often pretend to be urgent or appealing, pause and check first.
Contact OKX Customer Support directly if you're unsure
Don't reply to the suspicious email or use the contact information inside it.
Always use the official support channels listed on the OKX website.
Never send funds or share sensitive information
If an email asks you to transfer funds, provide your password, private key, or seed phrase — it's a scam.
Report and delete suspicious emails
Mark the email as spam or phishing, then delete it to prevent accidental clicks.