• How to Stay Safe on Paxful

    Safety is a big priority for us at Paxful, so we’ve put together this list of tips and tricks to help keep your account safe.

    Protect yourself in the trade

    1. Stay in the trade chat if you can.

        • Although there are times where you might need to exit the chat to finish the trade, try not clicking on suspicious links that you aren’t familiar with, especially phishing links.
        • Be cautious of users asking you to cancel a trade and to switch over to a different offer link. Keep an eye out for users that are not following offer guidelines. 
        • Don’t chat outside of Paxful’s trade chat. If your trade ends up in a dispute, our team can’t fully help to resolve the issue since it happened outside of Paxful.
        • Check that your address bar is "https://paxful.com" before entering your account details.

    2. Don't share your personal information. 

        • Don’t share contact or personal information in the trade chat—users can try to scam you on off-site trades, impersonate you, or show that you traded with them off-escrow.

    3. Identify real Paxful moderators.

        • It’s important to know that our moderators have specific chat bubbles and signatures to let you know that it’s really us. Here’s what a real Paxful moderator message will look like:


    Protecting your Paxful account

    1. Two-factor authentication

        • We highly recommend setting up 2FA as soon as you create your Paxful account. You can set this up in your account settings. We love using Authy or Google Authenticator, but you can also use SMS. SMS can be a bit more risky since there are tactics (such as SIM swapping) to get a hold of someone’s SMS messages, and receiving SMS depends on your network and region.

    2. Security questions

        • It’s best to set your questions up when you create your Paxful account, but you can set them up at any time in your account settings. Be sure to pick questions and answers that you won’t forget!

    3. Active sessions

        • We recommend frequently checking out the devices you’re currently logged in to your Paxful account on. You can check this in the security tab of your Paxful account. If you don’t recognize a device, use the “x” on the page to log your Paxful account out of that device. We’d also recommend changing your password if this happens, too. 

    Protection measures outside of your Paxful account

    Even when you’re not logged in and actively using your Paxful account, it’s important to keep your account and systems safe. 

    1. Email and passwords

        • Creating passwords. When creating a password, be sure to use a combination of upper and lower case letters, numbers and special characters. 
        • Don’t use the same password. It’s super important to have different passwords for your email and your Paxful account. This is because hackers usually target your emails. In the worst-case scenario, if a hacker gains access to your email, they’ll be able to access the funds in your Paxful wallet. 
        • Never share your password. Be cautious of users asking for sensitive information like your password in a trade chat. The Paxful team will NEVER ask for your password or other sensitive account information. If you’re in a trade dispute and you’re asked by our moderators to provide a screenshot or a video as proof, make sure your passwords are not visible.
        • Protect your email address. Make sure you protect the email address connected to your Paxful account and don’t share it in a trade chat. Your email is a gateway to your Paxful account so be sure to keep it to yourself!
        • Be cautious of SMS messages and emails from unfamiliar senders:
          • Paxful only sends you SMS with security codes related to 2FA and phone verification.
          • Don’t interact with suspicious emails. It’s best to not open emails that look suspicious to you. 
          • Don’t give away sensitive data or click on suspicious links. For additional info, see: I received a suspicious email. Is it from Paxful?

    2. Computer health checklist 

        • Keep your systems up to date. This includes your computer, browser, and any softwares or programs.
        • Don’t download anything unnecessary. In addition to this, if you don’t know the developer or you’re not sure if you trust it, don’t download the software or program. 
        • Use officially licensed softwares. Make sure you’re using softwares that are trusted and licensed. Remember to keep these programs up to date, too. This includes antivirus, anti-malware, personal firewall programs, etc.

    3. Use secure networks

        • Make sure you’re using trusted and secure Wi-Fi and networks. Ideally, use a wired connection or a network with a password.

    Here are some great tips on how to keep your cryptocurrency safe when trading in the Paxful marketplace.

  • What Should I Do if Someone Logged Into My Account?

    Kung sa tingin mo ay may taong nakakuha ng access sa account mo o pinaghihinalaan mong nakompromiso ang mga detalye ng sa paglogin mo, kung gayon ay dapat mong ayusin ang ilang bagay bago kontakin ang suporta. Ang pagpapagana sa 2-Factor Authentication ay magandang paraan para maiwasang mangyari. Pero, sakaling pumalya iyon, narito ang dapat mong gawin:

    Kapag may isang taong nag-login sa account mo pero may access ka pa rin dito.

    Gawin ang sumusunod:

      1. Usually, whenever there is a new or unexpected login on your account, we immediately notify you via email with a link to report to lock your account if you suspect intrusion. So just click the link in the email. Your account is locked immediately and all sessions are terminated. The faster you act, the higher the chances of saving your BTC. Next, contact support to restore access to your account. After, take steps to protect your account
      2. Alternatively, while logged in to your account, simply proceed with the following steps.

    Mga hakbang para protektahan ang account mo:

    1. Palitan ang password mo sa isang bagay na ligtas (ang password na HINDI MO PA NAGAMIT sa ibang mga site o email). Subukang gumawa ng password mo na mahirap hangga't maaari, pero madali ring tandaan.
    2. Suriin para tiyakin na wala sa mga ibang settings mo tulad ng email o numero mo ng telepono ang nabago. Kapag nabago ang mga iyon sa mga bagay na hindi mo nakikilala, palitan uli ang mga iyon.
    3. Go to your active sessions (Settings > Security > Active Sessions) and log out all sessions by clicking the Close icon next to them.
    4. Mag-log out sa account mo.
    5. Mag-log in muli gamit ang bago mong password.
    6. Download Google Authenticator(iPhone/Android) or Authy (Mac/Windows).
    7. Turn on 2FA on Paxful and scan the code with your phone. Remember to turn 2FA on for BOTH login and sending out as it will make your transactions more secure. We recommend using Google Authenticator or Authy over SMS 2FA as it is more secure. Just bring up the app and get the code every time you want to log in or send crypto.
    8. Itakda ang mga tanong mo sa seguridad at isulat ang mga iyon sa isang lugar. Kakailanganin mo ang mga iyon sakaling mawala ang telepono mo at kailangang i-reset ang 2FA mo.


    • If the support team can trace the hacker and recover any funds, we will contact you. Hackers often cover their actions very well and it is not possible to track them down to reverse cryptocurrency transactions.
    • Ipinapayo na palitan mo ang mga password mo sa alinmang ibang mga ccount na mayroon ka online dahil ang mga hacker ay karaniwang nakakakuha ng access sa pamamagitan ng pagkuha ng email mo o ibang mga account.

    Kung hindi ka makapaglogin sa account mo:

    1. Contact support and provide all the information required by our support agents. Once it’s verified that you are the account owner, inform support that you need an ACCOUNT LOCKDOWN. Support Team will see if there is enough data to prove you are not a hacker (and will try to give you access to your own account). Once it is verified that you are the victim and rightful account owner, account access will be restored.
    2. Once you log in, secure your account immediately.

    Paano nangyari ito at paano ko maiiwasang mangyari itong muli?

    Para maiwasang mangyari itong muli, minumungkahi namin na huwag mong gamitin ng parehong password sa lahat ng website at gumagana ang iyong 2FA na may Google Authenticator.

    Sa Paxful, patuloy naming pinaghuhusay ang proseso ng seguridad upang panatilihing ligtas ang inyong mga pondo hangga't maaari.

    So where did the cryptocurrency go?

    • Check your account activity to see who logged into your account. Take note of their IP address.
    • Check your wallet ledger to see the cryptocurrency address they sent your coins to.

    With the cryptocurrency address and the IP address of the thief, you have some information but it is often impossible to track them down. Our support team does not have the resources to help you investigate further because hackers often use VPNs and also due to the general anonymity of cryptocurrency. It is nearly impossible to track them down, so try your best to make your account as secure as possible.

  • I Received a Suspicious Email or Link. Is it from Paxful?

    If you received a suspicious link, email, or message that looks like it’s from us or an entity claiming to be associated with us,  please report such links or emails to our Support team.

    We recommend that you do not click any sent links that look suspicious or click on any links in suspicious emails. We also advise that you do not download any attachments included in such emails or messages, and we recommend that you do not reply to these messages. 

    When reaching out to Support about the links, emails, or messages, be sure to include all the information from the emails or messages as this will help us investigate where it came from. Reporting the message in detail will also help us take swift action to stop it from spreading to other customers.

    Official Paxful email addresses:

    These are a list of official Paxful email addresses that you can trust: 


    Information Paxful will never request:

    We will never request the following information. If someone asks for any of the specific information below or asks you to complete the following actions, please report them to us right away.

    • Your full credit card number or other financial details
    • Your password
    • Your one-time 2FA password (code)
    • Click a link to receive funds, verify info, release or cancel the trade when you are already logged in (you can do that yourself on the Paxful).


    How to spot a phishing link:

    While scammers change their tactics frequently, look for these classic signs of a phishing or spoofing attempt:

    • Make sure there are no spaces in the link provided.
    • There are no URLs inside pictures.
    • There are no links with/attached to QR codes 
    • We recommend you be very cautious with file-sharing links. These can lead to malware or hacking.
    • There is no ‘Whatsapp’ or other messengers inside pictures.
    • You receive emails or messages with .html attachments.
    • Also, keep your trades in Paxful, these links can be shared off-escrow without detection.


    How to spot a phishing email or chat message:

    While scammers change their tactics frequently, look for these classic signs of a phishing or spoofing attempt:

    • The user requests for your bank account, username, password, social security number, or identity. 
    • A claim is made that your account is compromised. In such cases, we may send only automated messages from “no-reply” email addresses.
    • You receive an unsolicited email with a link to verify your account information.
    • There are typos in the email address. It’s common to see something like [email protected]ppaxful.com.
    • You receive suspicious links that don’t lead to www.paxful.com. Before you enter your login information or click on a link, double-check the URL by copying it into your address bar without pressing Enter.
    • You receive emails that mimic our design. These emails aim to distract you from any typos in the email address or website links by using pictures and colors similar to our platform.


    Ways to Protect Yourself from Phishing Scams: 

    • Always report any suspicious activity to our Support team.
    • Check that a link, email, or message is actually from Paxful.com. 
    • Do not click on any links, downloads, or attachments from questionable messages and emails.


    For more information on how to protect your account see our security guide.

  • Setting Security Questions

    Ang mga tanong panseguridad ay mahalagang bahagi ng pagprotekta sa iyong account sa Paxful. Ang mga tanong panseguridad ay makatutulong upang ibalik ang access sa account mo sakaling maiwala mo ito. Sundin ang mga hakbang na ito para maconfigure ang mga tanong panseguridad mo.

    1. Mag-login sa Paxful account mo, i-hover sa ibabaw ng username sa kanang itaas ng page at pindutin ang Settings mula sa context menu na lumilitaw.
    Ang Settings page ay lilitaw.
    2. Sa menu sa kaliwa, pindutin ang ITAKDA ANG MGA TANONG PANSEGURIDAD.

    Itakda ang iyong tanong panseguridad ang dialog box ay lilitaw.
    3. Pindutin ang Itakda ang mga sagot na link.
    Ang Itakda ang mga sagot na dialog box ay lilitaw.
    4. Piliin ng 3 tanong panseguridad mula sa mga drop-down na listahan. I-type ang katumbas na mga sagot sa mga puwang sa ilalim ng mga tanong.

    Babala: Tingnang mabuti ang mga sagot mo at tiyakin na natatandaan mo ang mga iyon. Kung sakaling kinakailangan, kailangan mong magbigay ng mga sagot sa mga tanong na ito nang eksakto sa pagkakasulat sa mga puwang. Kapag nalimutan mo ang mga sagot mo, magiging mas mahirap ang pagroseso sa pagsasauli ng access sa account mo.

    Tip: Kapag pumipili ng mga sagot sa tanong panseguridad mo, isaalang-alang ang paggamit ng impormasyon na hindi makikita sa mga social media profile mo. Halimbawa, huwag sagutin ang tanong na “sino ang matalik mong kaibigan sa paaralan?” gamit ang pangalan ng isang tao kundi sa halip ay isaalang-alang ang kanyang palayaw.

     5. Pindutin ang I-save.
    Nakatakda na ang mga tanong panseguridad mo. Na-redirect ka para bumalik sa Account settings page.

    Para sa karagdagang impormasyon kung paano gagawing ligtas ang account mo, suriin ang aming gabay panseguridad.

  • Pagsasaayos ng 2FA

    Kung nahihirapan kang tumanggap ng two-factor authentication (2FA) 2FA SMS code, o kung ang 2FA Google Authenticator (GA) code ay hindi gumagana, subukang sundin ang mga tips sa pagtroubleshoot:

    Google Authenticator and Authy

    Kung hindi gumagawa ang Google Authenticator code mo, baka dahil ito ang oras na ang inyong Google Authenticator app ay hindi naka-sync nang tama gamit ang iyong device. Tiyaking suriin ang orasan sa iyong device at itakda ito sa tamang timezone. Ang maling orasan ay nagdudulot ng mga code na hindi naka-sync.


    Tingnan ang sumusunod na mga punto kung ang device mo ay hindi tumatanggap ng mga SMS na mensahe ng 2FA.

    • Tiyakin na ang device mo ay nakabukas kapag ang 2FA na code ay gumagana
    • Tiyakin na ang device mo ay may sapat na signal ng cellphone kapag pinagagana ang 2FA code.
    • Tiyakin na ang device mo ay hindi nakasara ang roaming sa home network mo, dahil hindi magagarantiya ng SMS provider namin ang paghahatid ng mga roaming device na SMS.
    • Tiyakin na ang SMS inbox ng device ay hindi puno.

    Tandaan: Kung nasubukan mo nang paganahin ang mga vode ng 2FA SMS nang ilang beses at hindi pa rin nakakatanggap ng mga code, maaaring huminto ang system namin sa pagpapadala ng mga code. Kung iyan ang kaso, maghintay nang 24 oras at subukang paganahin ang 2FA SMS code muli. Kung nagkakaproblema ka pa rin na tumanggap ng mga code ng 2FA SMS, suriin ang network provider mo kung hinaharangan nila ang aming mga SMS message.

    See our article on how to set 2FA with Google Authenticator or Authy. Tingnan din ang aming gabay ng seguridad para sa tips kung paano protektahan ang account mo.


  • I Forgot My Password

    Para i-reset ang password kapag hindi ka nakapirma sa iyong Paxful account: 

    1. Click Log in button on the home page
    2. Click “Forgot password?
    3. Enter your phone number or email address and then click Request new password

    From there, you'll receive an email from us with a link to reset your password. If you have 2FA enabled, you will be asked to input the 2FA code to complete your password reset request.


    • If you received a password reset link via email, the link is valid for 60 minutes.
    • If you requested an email link multiple times, use the latest link you received.

    Tingnan ang aming gabay ng seguridad para sa karagdagang impormasyon sa pagpapahusay ng kaligtasan ng iyong account. Maaari mo ring tingnan kung paano palitan ang password sa profile settings mo.

  • Changing Password from Profile Settings

    Maaari mong i-reset ang password ng Paxful mo mula sa iyong mga setting ng seguridad ng account.

    To change your password while logged into your Paxful account:

    1. Hover over your username on the top right of the page and click Settings from the context menu that appears.
    The Settings page appears.
    2. On the menu on the left side of the page, click Security.
    3. On the Change password dialog box, complete the following fields:

    Pangalan ng Field Paglalarawan Mga Komento
    Kasalukuyan Ilagay ang kasalukuyang password.  
    Ilagay ang bagong password Ilagay ang bagong password. Ang bago mong password ay dapat na :
    Maging 6 na karakter man lang ang haba
    Isang maliit na titik na karakter
    May isang espesyal na karakter (@#* etc.)
    May isang numero
    May isang malaking titik na karakter
    Beripikahin ang password Ilagay uli ang bagong password. Ang password ay dapat eksaktong pareho sa inilagay sa unang puwang.

    4. Click Change password.
    Your password is reset. You are logged out and redirected to the Login page. A confirmation email is sent to your inbox from [email protected] 

    See our security guide for additional information on improving the safety of your account. If you do not remember your password, click here.

  • Restoring Access to 2FA

    Having 2FA set on your account significantly improves the security level of your cryptocurrency wallet. However, sometimes you may lose access to your 2FA due to any of the following reasons:

    • Nawala ang telepono mo o nasira.
    • Nabura ang authentication app.
    • Inilipat mo sa bagong device, at ang app kasama ang lahat ng code ay hindi maaaring ilipat sa bago mong device.
    • Nagbago na ang numero ng telepono mo.

    If this happens, click "Trouble logging in?" when you're asked to enter in your 2FA code. From there, we'll ask you some questions and we'll see how we can help.

  • Pagpapagana sa 2-Factor Google Authenticator

    Ang pagtagal para paganahin ang 2-Factor Authentication (2FA) ay maaaring mangahulugang malaking pagkakaiba sa mga termino ng seguridad ng iyong account. Kahit na paganahin mo ang 2FA sa pamamagitan ng SMS, nirerekomenda namin gamit ang Google Authenticator dahil ito ang pinakaligtas na osyon. Hindi maaasahan ang SMS dahil laganap ang taktika ng hacker gamit ang “pagpapalitan ng SIM”, kung saan nahahawakan ng mga hacker ang iyong mga mensahe sa SMS.

    Tingnan ang gabay na video namin sa two-factor authentication:


    Tandaan: Bago ka magsimula, i-download ang Google Authenticator app para sa telepono mo. 

    Para paganahin ang 2FA gamit ang Google Authenticator sa ilalim ng iyong account security settings:

    1. Sa oras na ma-install na ang app, sa magkakaibang device (PC, tablet, isa pang smartphone) na paglogin sa iyong Paxful account.
    2. Hsa ibabaw ng iyong username sa itaas na bahagi ng page at pindutin ang Settings mula sa context menu na lumilitaw.
    Ang page ng Settings ay lumilitaw. 
    3. Sa menu sa kaliwa, pindutin ang Seguridad.
    Anh page ng Security ay lilitaw.
    4. Sa ilalim ng 2FA para maglogin, piliin ang GOOGLE AUTHENTICATOR o AUTHY.

    5. Pindutin ang I-UPDATE ANG 2FA PARA MAGLOGIN.

    Ang QR-code ay lumilitaw.
    6. I-scan ang QR-code gamit ang telepono mo sa pamamagitan ng paggamit ng Google Authenticator app. Ang 6-digit code ay lumilitaw sa app.
    7. Ilagay ang 6-digit na code sa field katabi ng QR-code.

    8. Pindutin ang I-UPDATE ANG 2FA PARA MAGLOGIN.

    Tip: You can set 2FA for sending and releasing cryptocurrency as well. This will highly improve the security of your Paxful wallet.

    Tingnan ang aming gabay ng seguridad at tips sa kaligtasan para sa karagdagang impormasyon.

  • Pagpapagana sa 2-Factor Authy

    Ang pagtagal para paganahin ang Two-Factor Authentication (2FA) ay maaaring mangahulugang malaking pagkakaiba sa mga termino ng seguridad ng iyong account. Kahit na paganahin mo ang 2FA sa pamamagitan ng SMS, nirerekomenda namin gamit ang Google Authy dahil ito ang pinakaligtas na opsyon. Hindi maaasahan ang SMS dahil laganap ang taktika ng hacker gamit ang “pagpapalitan ng SIM”, kung saan nahahawakan ng mga hacker ang iyong mga mensahe sa SMS.

    Tingnan ang gabay na video namin sa two-factor authentication:

    Tandaan: Bago ka magsimula, i-download ang Authy app para sa telepono mo. 

    Para paganahin ang 2FA gamit ang Authy sa ilalim ng iyong account security settings:

    1. Once the app is installed, on a different device (PC, tablet, another smartphone) login into your Paxful account.
    2. Hover over your username on the top right of the page and click Settings from the context menu that appears.
    The Settings page appears. 
    3. On the menu on the left, click Security.
    Your Security page appears.
    4. Under 2FA for login, choose GOOGLE AUTHENTICATOR or AUTHY.
    5. Click UPDATE 2FA FOR LOGIN.
    A QR-code appears.
    6. Scan the QR-code with your phone by using the Authy app. A 6-digit code appears on the app.
    7. Enter the 6-digit code into the field next to the QR-code.
    8. Click UPDATE 2FA FOR LOGIN.

    Tip: You can set 2FA for sending releasing cryptocurrency as well. This will highly improve the security of your Paxful wallet.

    Tingnan ang aming gabay ng seguridad at tips sa kaligtasan para sa karagdagang impormasyon.