CoinTelegraph

Goodbye SMS: Hong Kong Regulator Mandates Hardcore Anti-Phishing Rules for Crypto Platforms

July 9, 202609:53 AM
Goodbye SMS: Hong Kong Regulator Mandates Hardcore Anti-Phishing Rules for Crypto Platforms

Hong Kong's Securities and Futures Commission (SFC) has issued a major crackdown on digital security vulnerabilities. The regulator has officially ordered all virtual asset trading platforms (VATPs) and online brokers to adopt phishing-resistant authentication methods within a strict 12-month deadline to safeguard user assets.

Moving beyond traditional security, the new mandate prohibits the use of one-time passwords (OTP) via SMS, email, or standard app-based logins. Instead, platforms must pivot to advanced solutions such as passkeys, hardware security keys, and cryptographic device binding, setting a high-security benchmark for the global crypto industry.

The new standards require stronger phishing-resistant authentication methods and device binding while prohibiting the use of one-time passwords through SMS, email, or app-based logins. The requirements outline stronger alternatives such as passkeys, registered devices with cryptographic verification, and hardware security keys, which the SFC described as essential phishing-resistant solutions.

This is a summarized and adapted version by Artificial Intelligence. To read the complete original story, visit the official source.

Read Full Article at CoinTelegraph
QR Code Lightning

Support Jornal Bitcoin

Independent journalism, curated by AI, no clickbait. Keep the flame alive with any amount of BTC.

Wallet of Satoshi
jonata@walletofsatoshi.com

Daily Crypto Brief 📬

Subscribe to receive the curation of the most important Bitcoin and crypto news, summarized by AI. No spam.

Join more than 10,000 smart readers.

Related News

Crypto Nightmare: Trader Loses $1M to Devastating Onchain Phishing Scam
Crypto Briefing★ Featured

Crypto Nightmare: Trader Loses $1M to Devastating Onchain Phishing Scam

A massive security breach has rocked the DeFi space as a single trader lost $1 million to sophisticated onchain scammers. By exploiting a phishing token approval vulnerability, attackers were able to bypass standard defenses and drain significant liquidity, proving that even experienced participants are at risk.

The surge in these onchain phishing scams underscores a critical gap in the current decentralized finance landscape. As attackers refine their methods, the industry faces an urgent mandate to prioritize enhanced security measures and comprehensive user education to mitigate the impact of malicious token approvals.
Ethereum Phishing Nightmare: Trader Loses $1M After Signing Malicious Token Approval
CoinTelegraph★ Featured

Ethereum Phishing Nightmare: Trader Loses $1M After Signing Malicious Token Approval

A devastating security breach on the Ethereum network has left a trader nearly $1 million poorer after falling victim to a sophisticated phishing token approval scam. According to data from Scam Sniffer, the attacker utilized advanced scripts to bypass initial hurdles, highlighting how approval phishing remains a primary attack vector for onchain scammers targeting high-value wallets.

This massive loss follows a grim trend in the crypto industry, which has already seen $366 million in phishing-related losses in the first half of this year. The precision of the attack—where the script recalculated and drained the exact remaining balance after an initial failed attempt—serves as a stark warning about the evolving capabilities of automated theft in the decentralized finance space.
The Future of Spending: Animoca Brands and Visa Enable AI Agents to Shop
Crypto Briefing★ Featured

The Future of Spending: Animoca Brands and Visa Enable AI Agents to Shop

Animoca Brands has successfully completed a live pilot with Visa, empowering Minds AI agents to navigate the real-world economy. By enabling these autonomous agents to identify card rewards and execute purchases at select merchants in Hong Kong, the partnership bridges the gap between artificial intelligence and traditional financial infrastructure.

This milestone involving Animoca Brands and Visa represents a significant leap toward an agentic economy. As AI agents gain the ability to manage transactions via Visa, we are witnessing the groundwork for a future where autonomous software becomes a primary driver of global consumer spending and retail innovation.
Red Alert: Brazil's Central Bank Proposes 24-Hour Crypto Transaction Freeze
Livecoins★ Featured

Red Alert: Brazil's Central Bank Proposes 24-Hour Crypto Transaction Freeze

The ABCripto has filed a formal technical challenge against a Brazilian Central Bank proposal that seeks to implement a 24-hour preventive hold on specific virtual asset transactions. This measure specifically targets international payments and transfers to self-custody wallets, raising significant concerns regarding user autonomy.

The potential impact of this regulation could disrupt the seamless nature of crypto transactions and create friction for global users. As the debate intensifies, the industry watches closely to see how this move toward stricter oversight will affect liquidity and the decentralized ethos of the crypto market.
Game Changer? Austin Griffith Unveils $1 AI-Powered Security Audit Service
Crypto Briefing★ Featured

Game Changer? Austin Griffith Unveils $1 AI-Powered Security Audit Service

Austin Griffith has disrupted the blockchain security landscape by unveiling a $1 AI security audit service powered by x402 and USDC. This breakthrough aims to democratize access to essential security reviews, making high-level protection accessible to even the smallest decentralized projects.

While this low-cost model is set to spark massive innovation across the industry, it introduces a significant debate regarding over-reliance on automated checks. The tension between rapid, AI-driven deployment and the rigorous scrutiny of manual audits will define the next era of smart contract security.
Fraud Alert: Georgia Bank Customers Targeted by Sophisticated Fake 'Fraud Prevention' Texts
The Daily Hodl

Fraud Alert: Georgia Bank Customers Targeted by Sophisticated Fake 'Fraud Prevention' Texts

BankSouth is issuing an urgent warning to its customers in Georgia regarding a targeted phishing campaign involving fraudulent text messages. These fake SMS alerts impersonate the bank's fraud prevention department, claiming that an unrecognized device, such as an iPad, requires immediate remote termination to secure the account.

To maximize effectiveness, the scammers are employing highly convincing tactics, including fake case numbers and temporary passwords to mimic official bank communications. This sophisticated social engineering attempt is designed to trick users into compromising their credentials, highlighting a growing trend in mobile-based financial fraud.
Jornal Bitcoin Logo