Fake Coinbase Representatives Swindle $1.7 Million from Crypto User, Experts Warn of Rising Phishing Attacks
In the past week, at least three Coinbase users and one other cryptocurrency user have reported being targeted by scammers impersonating Coinbase representatives, with one victim claiming a loss of $1.7 million.
On July 7 Tegan Kline, co-founder of Edge & Node, shared on X a detailed account from a “good friend” who had their self-custody wallet drained of $1.7 million the day before. The victim fell prey to a scam after being tricked into revealing part of their seed phrase.
According to the victim, the scammer called pretending to be from Coinbase’s security team and sent an email that appeared to be from Coinbase, which seemingly verified that the victim was speaking with an official representative. The scammer claimed that the victim’s wallet was “connecting directly with the blockchain,” causing unauthorized transactions. They then sent another email, again seemingly from Coinbase, showing an outgoing transaction.
The scammer instructed the victim to visit a website and enter their seed phrase to stop the transactions. Despite knowing it was unsafe, the victim entered “a portion” of their seed phrase without submitting it. Hours later, $1.7 million was drained from their wallet.
Alex Miller, CEO of Hiro Systems, explained that such websites capture data as it is entered, even without submission. He suggested that the partial reveal of the seed phrase was enough for the scammers to brute force the rest.
Miller also shared that he had recently been contacted by a scammer using a similar method. He suspects his information may have been leaked in 2022 from CoinTracker’s email service provider database. The scammer used the Coinbase API key connected to CoinTracker to verify Miller’s identity. He advised users to cycle their API keys if they have been using CoinTracker.
Last week, X user “TraderPaul04” recounted a “pretty sophisticated” social engineering attempt by a fake Coinbase representative on July 3. The scammer, claiming to be a Coinbase employee, provided the user’s full name and email and claimed there was a login attempt on their account from another city. The scammer said they had temporarily locked the account and sent a fake password reset link to capture the account password. However, TraderPaul insisted on contacting Coinbase customer service directly, leading the scammer to hang up.
On July 7, X user “beanx” also reported a similar scam call from a fake Coinbase representative claiming there was a login attempt on their account.
Cointelegraph reached out to Coinbase for comment but did not receive an immediate response.
In the first half of 2024, approximately $1.19 billion was lost to crypto security incidents, with over $900 million stolen through phishing and seed phrase compromise attacks.
Leave a comment