Cinoslots
Seguridad

How do I recognize Cinoslots phishing attempts?

Phishing sites mimic our login page on lookalike domains. Always check the URL and look for the official 'verified' badge in your browser.

Actualizado May 14, 20266,811 vistas96% útil

Our only legitimate domain

https://cinoslots.com

That's it. Anything else is fake. Common phishing variants we've seen in the wild:

  • cinoslot.com (no plural)
  • cino-slots.com (added hyphen)
  • cinoslots.io / cinoslots.net (different TLD)
  • cinoslots.online / cinoslots.casino (suspicious TLDs)
  • secure-cinoslots.com (added prefix)
  • Cyrillic lookalikes: сinoslots.com (the "c" is a Cyrillic letter — looks identical, different domain)

How to verify the URL

  1. Click in the address bar.
  2. Look at only the domain — everything between https:// and the next /.
  3. Confirm it ends with cinoslots.com exactly (no extra letters, no different TLD, no extra subdomains other than www. or m.).
  4. Hover any link in an email before clicking — your browser shows the real destination at the bottom.

Red flags in emails

  • "Your account will be closed in 24 hours unless you confirm" — we never threaten accounts via email.
  • Generic greetings ("Dear customer") — we always use your username.
  • Links that don't go to cinoslots.com — hover before clicking. Phishing emails often hide their real destination.
  • Requests for your password or 2FA code — we never ask for these by email or chat.
  • Demands to download an "updated security app" — we don't have one.
  • Promises of free crypto for "verification" — never.

Red flags on the phishing site itself

  • HTTPS missing or showing a browser warning
  • The login page looks slightly off (wrong shade of orange, weird spacing)
  • After login, the page redirects to a "verify your wallet" form asking for your seed phrase — we never ask for this
  • Fake "live chat" agents asking for screen-share access

What to do if you suspect phishing

  1. Don't enter credentials. Close the tab.
  2. Check our official Telegram @cinoslots — we publicly post known phishing domains as we discover them.
  3. Report it to [email protected] with the URL — our security team files takedown requests with the registrar within hours.
  4. If you already entered credentials: change your Cinoslots password immediately, then revoke all sessions and rotate 2FA. Then email support — we'll review for any unauthorized activity.

We pay bug bounties

If you find a security issue (XSS, IDOR, auth bypass), email [email protected] with PGP-encrypted details — we pay $500–$50,000 depending on severity. See /security.txt for our coordinated disclosure policy.

¿Fue útil?

96% de 326 lectores encontraron esto útil.

¿Aún necesita ayuda?

Nuestro equipo 24/7 responde en menos de un minuto.

Artículos relacionados

Seguridad

What is the Cinoslots PGP key and when should I use it?

Use it to encrypt sensitive emails to [email protected] (bug reports, KYC documents). Available at /pgp-key.txt.

1.8K vistas96% útil
Seguridad

What is address poisoning and how do I avoid it?

Malware or copy-paste attacks that swap your destination address with the attacker's. Always verify first 4 + last 4 characters.

4.1K vistas94% útil
Cuenta

Confirmation / reset emails aren't arriving — what now?

99% of missing emails are spam-filtered. Whitelist [email protected] and check promotions tab.

1.4K vistas93% útil