Cinoslots
Sécurité

How do I recognize Cinoslots phishing attempts?

Phishing sites mimic our login page on lookalike domains. Always check the URL and look for the official 'verified' badge in your browser.

Mis à jour May 14, 20266,811 vues96% utile

Our only legitimate domain

https://cinoslots.com

That's it. Anything else is fake. Common phishing variants we've seen in the wild:

  • cinoslot.com (no plural)
  • cino-slots.com (added hyphen)
  • cinoslots.io / cinoslots.net (different TLD)
  • cinoslots.online / cinoslots.casino (suspicious TLDs)
  • secure-cinoslots.com (added prefix)
  • Cyrillic lookalikes: сinoslots.com (the "c" is a Cyrillic letter — looks identical, different domain)

How to verify the URL

  1. Click in the address bar.
  2. Look at only the domain — everything between https:// and the next /.
  3. Confirm it ends with cinoslots.com exactly (no extra letters, no different TLD, no extra subdomains other than www. or m.).
  4. Hover any link in an email before clicking — your browser shows the real destination at the bottom.

Red flags in emails

  • "Your account will be closed in 24 hours unless you confirm" — we never threaten accounts via email.
  • Generic greetings ("Dear customer") — we always use your username.
  • Links that don't go to cinoslots.com — hover before clicking. Phishing emails often hide their real destination.
  • Requests for your password or 2FA code — we never ask for these by email or chat.
  • Demands to download an "updated security app" — we don't have one.
  • Promises of free crypto for "verification" — never.

Red flags on the phishing site itself

  • HTTPS missing or showing a browser warning
  • The login page looks slightly off (wrong shade of orange, weird spacing)
  • After login, the page redirects to a "verify your wallet" form asking for your seed phrase — we never ask for this
  • Fake "live chat" agents asking for screen-share access

What to do if you suspect phishing

  1. Don't enter credentials. Close the tab.
  2. Check our official Telegram @cinoslots — we publicly post known phishing domains as we discover them.
  3. Report it to [email protected] with the URL — our security team files takedown requests with the registrar within hours.
  4. If you already entered credentials: change your Cinoslots password immediately, then revoke all sessions and rotate 2FA. Then email support — we'll review for any unauthorized activity.

We pay bug bounties

If you find a security issue (XSS, IDOR, auth bypass), email [email protected] with PGP-encrypted details — we pay $500–$50,000 depending on severity. See /security.txt for our coordinated disclosure policy.

Cela vous a-t-il été utile ?

96% de 326 lecteurs ont trouvé cela utile.

Toujours besoin d'aide ?

Notre équipe 24/7 répond en moins d'une minute.

Articles connexes

Sécurité

What is the Cinoslots PGP key and when should I use it?

Use it to encrypt sensitive emails to [email protected] (bug reports, KYC documents). Available at /pgp-key.txt.

1.8K vues96% utile
Sécurité

What is address poisoning and how do I avoid it?

Malware or copy-paste attacks that swap your destination address with the attacker's. Always verify first 4 + last 4 characters.

4.1K vues94% utile
Compte

Confirmation / reset emails aren't arriving — what now?

99% of missing emails are spam-filtered. Whitelist [email protected] and check promotions tab.

1.4K vues93% utile