Protecting Our Customers From Phishing Campaigns

Some Gemini customers have recently been the target of phishing campaigns that we believe are the result of an incident at a third-party vendor. This incident led to the collection of Gemini customer email addresses and partial phone numbers. No Gemini account information or systems were impacted as a result of this third-party incident, and all funds and customer accounts remain secure.

In light of these increased phishing campaigns, we are sharing security best practices with our customers.

At Gemini, the security of customer funds and accounts is our top priority.

We do not recommend that you rely on the secrecy of an email address as a substitute for strong authentication methods. However, if you would like to reset the email associated with your Gemini account, here are instructions on how to do so:

1. Log in to your account via the web browser (currently not available on the mobile app) and go to https://exchange.gemini.com/settings/security;
2. Click "Security Options" on the right-hand corner (next to your current email address);
3. Select "Change Email" from the drop-down menu; and
4. When prompted, enter your new email and current Gemini password.

Online scams are common, particularly in the crypto industry, and we highly recommend using two-factor authentication (2FA) and/or hardware security keys to protect your Gemini account.

We invite you to visit the links below to learn more about how you can keep your account safe:

• How to use 2FA
• How to set up a hardware security key | YubiKey | Google Titan Key

Online scammers have become increasingly sophisticated. Remaining vigilant so you can quickly catch phishing warning signs is crucial for your overall online security.

Gemini Product Security Team