At Exness, we work hard to deliver the highest levels of security possible, so that you can manage your accounts and trade with peace of mind.
However, did you know that there’s a lot you can do to keep your data secure too? We’ve put together a few important safety tips that will make your trading journey at Exness worry-free. Please make sure that you follow the instructions below and comply with the guidelines.
- Security types
- Passwords and verification codes
- Official means of communication
- How to keep your email safe
Your Security Type is chosen during the registration process and is a measure put in place to prevent unauthorized access to your trading accounts. This extra level of security ensures the safety of your personal data and the security of your non-trading transactions such as withdrawals.
There are two Security Types: Email and SMS.
- Email (low security)
When you request withdrawals or change account settings such as passwords and leverage, an email containing a unique confirmation code will be sent to the email address registered to your Exness account. You then simply need to enter the code when prompted. Simple!
- SMS (high security)
If you’ve chosen SMS as your Security Type, we will send a code to your registered phone number whenever you request a withdrawal, leverage change, etc. Enter the unique SMS code in the verification field to confirm your request.
Requests that require verification
You’ll receive verification codes for the following requests, regardless of whether you selected Email or SMS verification during the registration process:
- Withdrawing funds
- Changing passwords
- Changing security type
- Changing leverage
- Use long, strong passwords that are difficult to hack, and keep them in a safe place. Avoid using information such as your birthday, common phrases, pet names, etc.
- Never disclose any of your passwords to third parties, except in the following cases:
- If you contact our Support Team: You will have to tell us the Secret Word phone password that you set during registration. This is an extra level of security that allows us to confirm that we are speaking to you. Please note that the Exness Support Team does not have access to your Personal Area, and they do not have the right to ask you for your Personal Area password.
- If you want a third party (such as Investors) to view your trading activity, you can give them your Investor Password, which gives view-only access to your MetaTrader trading account. This password does not allow account settings to be changed, or transactions or fund transfers to be executed in your name.
- Never disclose the SMS or email verification codes you receive from us. The only exception is when our Support team helps you to add a new mobile number to your Personal Area.
In accordance with our Client Agreement, the official means of communication between Exness and you, our client include:
- Email: All emails will be sent from an ...@exness.com address, such as email@example.com
- MetaTrader: Messages are also sent from the MetaTrader platforms’ internal mailing systems
- Phone: You can find the official phone number listed in the Contact section of exness.com
- Live Chat: Visit exness.com to launch a Live Chat session with a member of our Support Team.
Exness does not use the following as official forms of communication:
- Yahoo Messenger
- QQ, etc.
Any email sent from a domain other than @exness.com is not an official communication from Exness, even if the email address contains the word - Exness. If you receive an email from a suspect address please contact firstname.lastname@example.org.
If you suspect that you have become a victim of fraudulent activity, please contact our Support Team immediately.
You use your email to login to your Exness Personal Area, so ensure that you protect it from unauthorized access:
- Enable two-factor authentication.
- Delete the security questions in your email account's security settings or use random characters as answers. Remember: answering a security question is the most popular way to hack an email account!
- Use a strong password to sign into your email account. Your password should not contain whole words. It should be longer than ten characters and it should include numbers, along with uppercase and lowercase letters.
- If you access the service through the web interface, disable the SMTP, POP3, and IMAP protocols in your email account's settings. This will protect your email account from a brute force attack.
- Refrain from clicking on questionable links in emails from strangers or organizations! If you receive an email containing a link and you click on it, do not enter any passwords.
If you receive an email with a code but you did not make any requests or changes in your Personal Area, delete the email immediately and report the incident to our Support Team.
Please note: Failure to comply with these security requirements means that you take full responsibility for the safety of the funds in your accounts.