How to enable anti-phishing codes on Bitget? (Fraud prevention)

Understanding Anti-Phishing Codes

1. Anti-phishing codes are unique, user-defined strings added to email subject lines by Bitget to verify authenticity.

2. These codes prevent attackers from impersonating official Bitget notifications via spoofed emails.

3. When enabled, every legitimate security or transactional email from Bitget includes the exact code you set.

4. If an email lacks your code—or displays a different one—it is not from Bitget and should be treated as suspicious.

5. The code is stored server-side and never shared with third parties, ensuring integrity without compromising privacy.

Navigating to Security Settings

1. Log into your Bitget account using verified credentials and two-factor authentication.

2. Click the user avatar in the top-right corner and select “Security Center” from the dropdown menu.

3. Scroll down to the “Email Protection” section—this is distinct from SMS or Google Authenticator settings.

4. Locate the toggle labeled “Anti-Phishing Code” and click the switch to activate it.

5. A modal window will appear prompting you to enter a custom alphanumeric string between 4 and 12 characters.

Setting and Confirming Your Code

1. Choose a code that is memorable but not easily guessable—avoid birthdays, repeated digits, or dictionary words.

2. Enter the code twice: once in the primary field and again in the confirmation field to prevent typos.

3. Click “Submit” to initiate verification; Bitget will send a confirmation email containing your new code to your registered address.

4. Open that email and locate the subject line—your anti-phishing code must appear there exactly as entered.

5. Return to the Security Center and click “Verify” only after confirming the code appears correctly in the subject line.

Maintaining Code Integrity

1. Never share your anti-phishing code via chat, email, or phone—even if someone claims to be from Bitget support.

2. Change the code immediately if you suspect exposure: revisit the Security Center and follow the same setup flow.

3. Disable the feature only if absolutely necessary; doing so removes a critical layer of email-based fraud detection.

4. Check your inbox regularly for Bitget emails—absence of your code in any expected notification warrants immediate investigation.

5. Combine this measure with domain verification: ensure all official Bitget emails originate from @bitget.com or @bitget.me domains.

Frequently Asked Questions

Q: Can I use my anti-phishing code to log in or reset my password?No. The code serves only as an email authenticity marker. It plays no role in authentication flows.

Q: Does enabling anti-phishing codes affect SMS or app notifications?No. This feature applies exclusively to email communications. SMS alerts and in-app messages remain unchanged.

Q: What happens if I mistype my code during setup and confirm it anyway?Bitget blocks final activation until the code appears verifiably in the subject line of the confirmation email. No incomplete or mismatched setup is permitted.

Q: Will Bitget ever ask me to reveal my anti-phishing code over a call or live chat?No. Bitget staff will never request your anti-phishing code under any circumstance.