You fool if that happens then also the first thing we ask is to send signed message from user address used to deposit the funds :-)
No further info will be provided considering security :-)
I gave you a simple scenario. Are you going to explain it? If you don't it's quite obvious that you have no clue about the blockchain and the associated security issues.
I would like you to explain it so that I would know if you understand the issue and if you have a secure method of dealing with it. The fact that you edited this post and still haven't answered such a simple question makes me think that you have no clue.
"Signed address verification or something like that :-)"
How exactly is this going to work? Let's say I transferred 10 XPY from Zencloud to your exchange and send you an e-mail with the TX ID. favdesu sends an e-mail with the same TX ID. How would you know which one of us is the real owner of the 10 XPY. Is this question now sufficiently clear to you or should I ask Paul to get his crayons?