Coinbase Users Report Scams and Phishing Attacks from the Official Web

Coinbase users have experienced a series of scams and phishing attacks (photo: twitter @coinbase)

JAKARTA - Coinbase users have experienced a series of scams and phishing attacks involving the company's services and applications in recent weeks, including claims that fraudsters used the crypto exchange's domain name.

The most recent case was disclosed on July 7 by a Twitter user known as Daniel Mason, who claimed to have received text messages and emails from scammers with links under the Coinbase.com domain.

The fraudster contacts Mason using a real phone number, then triggers an email from the Coinbase.com domain, followed by a phishing text message that directs him to a Coinbase subdomain URL, before verifying Mason's address, social security number, and driver's license number.

As Mason noted, the scammer spoke good and native English. The scammer reportedly said during the phone call that Mason would receive an email from Coinbase regarding the alleged breach of his account. Right after that, an email arrived from [email protected]. "Did he make a case on my behalf? Or access the Coinbase mail server?" Mason said on Twitter.

Mason's experience is just one of many reports on the social media platform reporting security incidents involving the crypto exchange. A quick look at Coinbase's support page shows users complaining of several types of scams, including phishing on Coinbase Wallet and criminals using the company's web address.

Holy shit.

I just got attacked with one of the most complex scams in #crypto that I have seen to date.

Please read if you use @coinbase.

This just happened 15 minutes ago.

THIS IS A WARNING FOR ALL COINBASE USERS!

There has been some sort of a data breach.

First, I… pic.twitter.com/aOVWLpAtY4

— Jacob Canfield (@JacobCanfield) June 13, 2023

Cointelegraph spoke to victims of a similar approach. The individual, who asked to remain anonymous, claims to have called Coinbase's support service to verify the authenticity of an email about compromising user accounts. The employee later confirmed that it was a genuine communication, but that the email was the work of a hacker.

"A Coinbase employee authenticated a hacker as a Coinbase employee, who then stole my crypto. They then flogged me before taking no responsibility whatsoever, even though I had witnesses, the time and date of the summons, and the employee I spoke to," said the individual.

This case is now under legal process. Among the frozen and stolen funds, victims claim to have lost around US$50,000 in assets.

The reports follow a pattern of attacks on Twitter user Jacob Canfield. Canfield reportedly received text messages and phone calls from scammers on June 13, claiming changes to his two-factor authentication (2FA).

"Then they sent me to the 'security' team to verify my account and avoid suspension for 48 hours. They had my name, my email, and my location, and emailed a 'verification code' from [email protected] to my personal email," explained Canfield, adding that the scammer "went mad and hung up" when told the code would not be sent.

The email [email protected] is listed on the exchange's support page as a trusted and official address. The company's blog also states that its staff will never ask users to provide passwords or two-step verification codes, and will not request remote access to devices.

In its statement to Cointelegraph, Coinbase said that it has “extensive security resources dedicated to providing customers with knowledge about preventing phishing attacks and fraud. We work with international law enforcement to ensure that anyone who deceives Coinbase customers is investigated according to applicable law.”

Security specialists recommend using strong and unique passwords for crypto accounts and enabling 2FA in the applications used.