Coinbase User Loses $$1.7M in Phishing Attack


The cryptocurrency community is on high alert following a surge in phishing attacks targeting Coinbase users. These scams involve fraudsters impersonating Coinbase customer support representatives to trick victims into revealing sensitive information.

A particularly alarming incident involved a user who lost a staggering $1.7 million after being tricked into sharing part of their seed phrase. The victim received a call from a scammer claiming to be from Coinbase security. The scammer then followed up with a seemingly legitimate email from “Coinbase” verifying the call.

The scammer fabricated a story about the victim’s wallet “connecting directly to the blockchain” and causing unauthorized transactions. To “fix” the issue, the scammer directed the victim to a fraudulent website that requested their seed phrase. While the victim wisely avoided submitting the complete phrase, even entering a partial portion proved disastrous. Cybersecurity experts believe this partial information was enough for the scammers to crack the entire seed phrase using brute force techniques and drain the victim’s wallet.

Another user reported a similar encounter with a scammer who seemed to possess additional personal information. This individual suspects their data may have been compromised in a 2022 breach of CoinTracker’s email service provider database. The scammer allegedly used a Coinbase API key linked to CoinTracker to further convince the victim of their legitimacy. Cybersecurity experts recommend users who utilize CoinTracker to immediately rotate their API keys as a precaution.

These scams extend beyond elaborate email and website forgeries. Another user described receiving a phone call from a seemingly well-informed individual claiming to be a Coinbase employee. The scammer rattled off the user’s full name and email address before falsely stating their account was compromised due to a login attempt from a different city. The scammer then attempted to trick the user into clicking a fake password reset link. Thankfully, the user recognized the red flags and contacted Coinbase directly, exposing the scammer’s attempt.

Staying Safe from Crypto Scams

With cryptocurrency theft on the rise, it’s crucial for users to remain vigilant. Here are some key takeaways to avoid falling victim to these scams:

  1. Never share your seed phrase with anyone, under any circumstances. Legitimate customer support representatives will never ask for this information.
  2. Be wary of unsolicited calls or emails claiming to be from Coinbase.
  3. Verify communication directly with Coinbase through official channels.
  4. Enable two-factor authentication (2FA) on your Coinbase account.
  5. Avoid clicking on suspicious links or downloading attachments from unknown senders.
  6. Consider using a hardware wallet for added security.

By following these tips and remaining cautious, crypto users can significantly reduce their risk of falling prey to these cunning scams.

Source Link
Author: Sb

This post was originally published on

Comments are closed.