It can be a victim with a claim of $1.7 million loss reported that a scammer pretended to be on behalf of Coinbase and sent emails that looked like Coinbase’s real messages.
At least three Coinbase users and one other cryptocurrency user reported being conned by scammers posing as Coinbase in the past week, with one individual claiming to have been defrauded $1.7 million.
On July 7th, Tegan Kline, one half of the Edge & Node duo, described an incident in which a ‘friend’ woke to find their self-custody wallet bereft of $1.7 million the previous day after entering into a call with a scam artist where they were tricked into surrendering part of their seed phrase.
The victim stated that the scammer called them and claimed to be from the Coinbase security team. Then, an email was sent, which said,
“Speaking to an official representative at Coinbase.”
The scammer also claimed that the victim’s wallet was “connecting directly with the blockchain,” and thus, unauthorized purchases were being made. After that, the scammer sent another email that, on its face, is from Coinbase showing an actual outgoing transaction.
The scammer told the victim to go into a particular website and input seed phrase to stop the transactions. Although realizing the risk, the victim confessed to typing ‘a portion’ of their phrase but did not actually submit it.
Later the same day, they claimed to have spent $1.7 million pounds had been spent out of their wallets.
Hiro Systems CEO Alex Miller said some of the websites, such as these,
are collecting data as you type” even if you do not click “submit” and the victim who submitted a seed phrase but only partially can get “hacked” as the bad guys can guess the rest.”
Surprisingly, Miller said that he received a call from a cryptocurrency impostor who claimed to be from Coinbase, using the same approach. He believes that his data might have been exposed to CoinTracker through its email service provider list in 2022.
Miller advised stated,
“Specifically, they were using the Coinbase API key connecting to CoinTracker to verify that they were me (in addition to other info),” and. “At the very least, cycle your API keys if you have been using CoinTracker,”
Last week, member ‘TraderPaul04’ shared a ‘rather complex’ social engineering attack by an imposter from Coinbase, who called saying there was log in from a different state.
TraderPaul was cautious, and he wanted to speak to Coinbase service and support directly, pointing out that the scammer quickly hung up the call as soon as he was unable to change my mind.
On 7 July 2018, ‘beanx,’ a site user, flagged a similar scam call in which a ‘Coinbase’ representative called the individual, claiming, “someone attempted to log in to my Coinbase.”
