Multiple Coinbase Users Targeted in Scam

At least three Coinbase users and one crypto user have reported being targeted by Coinbase-impersonating scammers in the past week. One victim claimed to have been swindled out of $1.7 million.

Edge & Node co-founder Tegan Kline shared with X on July 7 an explainer from a "good friend" whose self-custody wallet was drained of $1.7 million a day prior after a scammer tricked them into sharing part of their seed phrase.

The victim said the scammer called, claiming they were from Coinbase's security team. The scammer then sent the victim an email that appeared to be from Coinbase, verifying that the victim was "speaking to an official representative at Coinbase." The scammer claimed the victim's wallet was "connecting directly with the blockchain," causing transactions to come out of the wallet.

Scammer Tricks Victim with Fake Emails

The scammer then sent another email, which appeared to be from Coinbase and showed an outgoing transaction. The scammer directed the victim to a website to enter their seed phrase to stop the transactions. The victim knew the phrase was "not safe" but entered "a portion" of it anyway without submitting it. Hours later, they claimed, $1.7 million was drained from their wallet.

Hiro Systems CEO Alex Miller wrote that such websites "are capturing data as you enter it" even without submitting it, and the victim's partial reveal of their seed phrase was likely enough for "the bad guys [to] brute force the rest."

Miller shared that he was also recently contacted by a scammer pretending to be from Coinbase using a similar scam. He believes his information may have been leaked in 2022 from CoinTracker's email service provider database.

"At the very least, cycle your API keys if you have been using CoinTracker," Miller advised.

Social Engineering Attempts on the Rise

Last week, X user "TraderPaul04" on July 3 shared what they called a "pretty sophisticated" similar social engineering attempt by a fake Coinbase rep who called them claiming there was a login attempt on their account from a different city.

Trader Paul said, "an American male claiming to be a Coinbase employee." He said his full name and confirmed his email before claiming to have temporarily locked their Coinbase account and sent a fake password reset link to nab their account password.

TraderPaul wasn't convinced and insisted on calling Coinbase customer service directly, adding the scammer "hung up" after failing to convince him not to.

X user "beans" posted on July 7 that they also had a similar scam call with a fake Coinbase rep claiming "someone attempted to login to my Coinbase."

Rising Threat of Phishing and Seed Phrase Compromise

In the first half of 2024, around $1.19 billion was lost to crypto security incidents, with over $900 million stolen through phishing and seed phrase compromise attacks.

The recent wave of attacks targeting Coinbase users highlights the importance of vigilance and robust security practices. Users are urged to verify any communications purportedly from exchanges or wallet services and never to share their seed phrases or login credentials.