Phishing & Approved Domains

As of October 1, 2024, Celsius became aware that additional phishing emails purporting to be from “Celsius & Stretto” and featuring Celsius’ and Stretto’s logos were sent to account holders. A notice with more information was entered to the Court docket and can be found here: https://cases.stretto.com/public/x191/11749/PLEADINGS/1174910042480000000085.pdf 

Please stay alert and remain vigilant for phishing attempts. Celsius or their respective advisors will never contact you directly by phone, text message, or social media to request account or personal information absent an order or on-the-record instruction by the Court.

Please refer to the below for a list of official email addresses: 

• hello@celsius.network

• app@celsius.network

• claims@distributions.celsius.network

• do-not-reply@updates.celsius.network

• complianceteam@celsius.network

• no-reply@cases-cr.stretto-services.com

• celsiusdistribution@stretto.com

• ionicdigital@odysseytrust.com

• do.not.reply@hyperwallet.com

• CelsiusCreditorAnswers@kirkland.com

• CelsiusCreditorQuestions@kirkland.com

• CelsiusLitigationAdmin@m3-partners.com

Please refer to the below for a list of official websites:

• Celsius.network

• stretto.com

• cases.stretto.com

• celsiusnetwork.medium.com

• cases.stretto.com/Celsius

If you see any suspicious website domains or receive any uncorroborated email, text message, or telephone call purporting to be from Celsius or their advisors claiming that withdrawals are available or requesting account information, personal information, or payment, we request that you please immediately contact CelsiusCreditorQuestions@kirkland.com.

Here are additional recommendations on how you can avoid falling victim to phishing attempts. 

Be aware of the sender’s email address and URLs contained in their messages. Phishing emails will exploit your trust, expectations, and complacency with interacting with seemingly trusted sources. The first step is always to verify the Email Sender’s Identity, and without clicking on the links in the email, confirm where they are directed to. We recommend users proactively “whitelist” official emails by creating email filters/tags or automation that will only tag the legitimate sources found above.

Check the sender’s email address and where the email links will take you. Examine the sender’s email address carefully. Phishers often use similar-looking addresses to mimic legitimate ones. Look for misspellings, extra characters, or unusual domain names. Verify email content and formatting. 

Be skeptical of emails with poor grammar, spelling errors, or unusual formatting. Legitimate organizations usually maintain a professional standard in their communication. 

Hover over links. If on your computer, hover your mouse over any links in the email to preview the destination URL. Ensure it matches the expected website and is not a disguised link pointing to a phishing site. 

Check for generic greetings. Phishing emails often use generic greetings like “Dear Customer” instead of addressing you by name. Legitimate organizations typically use your name in their communications. 

Beware of urgent or threatening language. Phishing emails often create a sense of urgency or use threatening language to manipulate recipients into taking immediate action. Be cautious if an email demands urgent attention.

Verify unexpected attachments. Avoid opening unexpected attachments, especially if they come from unknown or unexpected sources. Malicious attachments may contain malware or phishing links. Do not open these links for the first time on a mobile phone, as a mobile phone does not allow you to hover over links and ensure the stated link and the hyperlink match. 

Examine the email signature. Legitimate emails from companies usually include a consistent and professional email signature. Lack of contact information or inconsistencies can be red flags. 

Enable two-factor authentication (2FA) everywhere possible. Implementing 2FA adds an extra layer of security, making it more challenging for attackers to gain unauthorized access even if they obtain your credentials through phishing. 

Use email security features. Many email providers offer built-in security features. Enable features like spam filters and phishing detection to enhance your email security. 

Educate yourself and stay informed. Stay informed about the latest phishing techniques and trends. Regularly update yourself on common phishing tactics to recognize new and sophisticated attempts. Review the Celsius Medium Blog, as well as the official docket on Stretto to keep yourself up to date.

Verify unexpected requests. If an email requests sensitive information or actions that seem unusual, independently verify the request by contacting the organization through official channels before providing any personal information. 

Check for HTTPS. Verify that the website you are directed to uses HTTPS. While this alone does not guarantee legitimacy, it adds an additional layer of security. When in doubt, verify the SSL certificate used. 

Stay cautious with pop-ups and forms. Be cautious if an email or website opens unexpected pop-ups or prompts you to enter sensitive information in forms. Legitimate organizations typically handle such interactions securely, not over a single-click email. 

Never connect your Crypto Wallet anywhere, even if it looks like a Celsius or Stretto Website. If you follow the above tips, proceed with caution, and stay up to date with official site updates, you will be more secure in these trying times.