Home >web3.0 >Crypto Community Raises Alarm as Phishing Scam Targets Investors, Drains $1.7 Million from Ledger Wallet

Crypto Community Raises Alarm as Phishing Scam Targets Investors, Drains $1.7 Million from Ledger Wallet

WBOY
WBOYOriginal
2024-07-12 11:46:53503browse

The crypto community has raised the alarm about an ongoing phishing scam targeting investors after scammers posing as crypto exchange Coinbase

Crypto Community Raises Alarm as Phishing Scam Targets Investors, Drains .7 Million from Ledger Wallet

Crypto investors are being urged to remain vigilant after a fresh phishing scam surfaced, enabling fraudsters to siphon nearly $2 million from an unsuspecting victim. The scam is reportedly linked to the CoinTracker security breach of 2022.

On Monday, Tegan Kline, the CEO of Edge & Node, reported that a crypto investor fell victim to a phishing attack where scammers posed as members of the Coinbase security team to target crypto investors. The incident led to a user's self-custody wallet being drained after revealing half of their seed phrase.

According to the report, a crypto investor received a phone call via Google Voice from a scammer who claimed to be from the crypto exchange's security team. The scammer, falsely identifying himself as "David Brown," contacted the victim to "confirm" suspicious transactions from their account.

The victim then received an email from a fake Coinbase address "verifying" that the person on the phone was an official exchange representative. After the verification, another email was sent to the crypto investor, claiming that their alleged transaction had been delayed.

The email showed a transaction for $3,050.87 in Ethereum (ETH) that had been delayed for 72 hours due to "security reasons." The scammer remained on the call, discussing the victim's previous addresses with them, which raised suspicions.

When questioned about his identity and the information he disclosed, the scammer stated that he "knows these things because he is from Coinbase." The alleged Coinbase representative acknowledged the victim's concerns but claimed the transaction was still coming through.

The scammer then claimed he needed the victim’s seed phrase as their Ledger wallet was connecting directly to the blockchain, and he was “trying to disconnect it.” After directing the victim to a website, they argued with the scammer about the safety of this action but eventually entered a portion of their seed phrase.

CoinTracker Breach Linked To New Phishing Scam?

Several community members speculated about the scam, wondering how the scammer obtained some of the victim’s information. To some, this scheme appeared to be conducted by someone who knew the investor and their holdings.

However, Alex Miller, the CEO of Hiro, suggested that the scam might be linked to the CoinTracker security breach of 2022. The data breach compromised the information of over 1.5 million users who utilized the cryptocurrency portfolio and tax management platform.

Miller revealed that someone attempted to access his Coinbase account using details obtained during the CoinTracker breach. The crypto exchange's security team, however, notified him of the ongoing login attempt.

An X user informed the community that scammers were able to "generate a (legitimate) support ticket + email" that could be used to "reference when calling you posing as Coinbase support.”

Other users shared their scamming attempts from this month. Several investors reported receiving calls from alleged Coinbase representatives to confirm suspicious transactions or login activity.

In the end, Miller advised users to "make sure your Coinbase account is locked down" and to "cycle your API keys if you have been using cointracker."

The above is the detailed content of Crypto Community Raises Alarm as Phishing Scam Targets Investors, Drains $1.7 Million from Ledger Wallet. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn