In the past week, there have been reports of several Coinbase users and one crypto user falling victim to scammers impersonating Coinbase. One victim claims to have lost $1.7 million in the scam.
Tegan Kline, co-founder of Edge & Node, shared an incident on July 7 where a “good friend” had their self-custody wallet drained of $1.7 million. The scammer pretended to be from Coinbase’s security team and sent the victim an email that appeared to be from Coinbase, confirming their interaction with an official representative. The scammer then claimed that the victim’s wallet was connecting directly with the blockchain, leading to unauthorized transactions. Another email from Coinbase showed an outgoing transaction.
To stop the transactions, the scammer directed the victim to a website where they were asked to enter their seed phrase. Although the victim knew it wasn’t safe, they entered a portion of their phrase without submitting it. Hours later, $1.7 million was drained from their wallet.
Alex Miller, CEO of Hiro Systems, shared a similar experience where he was contacted by a scammer pretending to be from Coinbase. He suspects that his information was leaked in 2022 from CoinTracker’s email service provider database. Miller advised others to cycle their API keys if they have been using CoinTracker.
On July 3, another user, TraderPaul04, shared a sophisticated social engineering attempt by a fake Coinbase representative. The scammer claimed there was a login attempt on their account and attempted to convince them to click on a fake password reset link.
Beanx, another user, also reported a similar scam call where the fake Coinbase representative claimed someone had tried to log in to their Coinbase account.
In the first half of 2024, around $1.19 billion was lost to crypto security incidents, with over $900 million stolen through phishing and seed phrase compromise attacks.
Coinbase has not yet responded to requests for comment.