Scammers Impersonating Coinbase Defraud Users of $1.7M in the Past Week

At least three Coinbase users and one crypto user have reported being targeted by Coinbase-impersonating scammers in the past week

Coinbase users have once again become a target for crypto-scammers, with at least four users reporting being contacted by scammers posing as Coinbase employees in the past week.

One victim, who shared their story with Edge & Node co-founder Tegan Kline on July 7, claims to have lost $1.7 million in a self-custody wallet after being tricked into sharing part of their seed phrase with a scammer.

The victim said the scammer called them on July 6, claiming to be from Coinbase’s security team. During the call, the scammer sent the victim an email that appeared to be from Coinbase, which stated that the victim was “speaking to an official representative at Coinbase.”

The scammer then claimed that the victim's wallet was “connecting directly with the blockchain,” which was causing transactions to come out of the wallet.

The scammer also sent another email, which appeared to be from Coinbase and showed an outgoing transaction from the victim's wallet.

The scammer directed the victim to a website and told them to enter their seed phrase to stop the transactions. The victim said they knew entering their seed phrase on the website “was not safe,” but they still went ahead and entered “a portion” of their seed phrase, without submitting it.

Hours later, the victim claimed that $1.7 million was drained from their self-custody wallet.

Hiro Systems CEO Alex Miller said that such websites “are capturing data as you enter it,” even without submitting it, and the victim’s partial reveal of their seed phrase was likely enough for “the bad guys [to] brute force the rest.”

Miller also said that a scammer pretending to be from Coinbase contacted him recently using a similar scam. He believes his information may have been leaked in 2022 from CoinTracker’s email service provider database.

“Specifically, they were using the Coinbase API key connecting to CoinTracker to verify that they were me (in addition to other info),” he said. “At the very least cycle your API keys if you have been using CoinTracker.”

On July 3, an X user with the handle “TraderPaul04” shared what they called a “pretty sophisticated” similar social engineering attempt by a fake Coinbase rep.

The scammer called TraderPaul and claimed that there was a login attempt on their account from a different city.

TraderPaul said “an American male claiming to be a Coinbase employee” stated their full name and confirmed their email before claiming to have temporarily locked their Coinbase account and sending a fake password reset link with the aim of nabbing their account password.

TraderPaul wasn't convinced and insisted on calling Coinbase customer service directly, adding the scammer “hung up” after failing to convince him not to.

On July 7, another X user, “beanx,” posted that they also had a similar scam call with a fake Coinbase rep, who claimed that “someone attempted to login to my Coinbase.”

Cointelegraph contacted Coinbase for comment but did not receive an immediate response.

Around $1.19 billion was lost to crypto security incidents in the first half of 2024, with over $900 million being stolen through phishing and seed phrase compromise attacks.

The above is the detailed content of Scammers Impersonating Coinbase Defraud Users of $1.7M in the Past Week. For more information, please follow other related articles on the PHP Chinese website!