Sunday , 22 December 2024
Home Kripto Coinbase-Posing Scammers Steal $1.7M from a User Amid a String of Attacks
Kripto

Coinbase-Posing Scammers Steal $1.7M from a User Amid a String of Attacks

Coinbase-Posing Scammers Steal .7M from a User Amid a String of Attacks

At least three Coinbase users and one additional crypto user have reported being targeted by scammers impersonating Coinbase representatives in the past week, with one victim losing a staggering $1.7 million.

Major Scam Incidents

On July 7, Tegan Kline, co-founder of Edge & Node, shared on X a detailed account from a “good friend” who had their self-custody wallet drained of $1.7 million after being deceived by a scammer. The scammer tricked the victim into sharing part of their seed phrase.

The victim recounted that the scammer called claiming to be from Coinbase’s security team. They sent an email that appeared to be from Coinbase, verifying that the victim was “speaking to an official representative at Coinbase.” The scammer alleged that the victim’s wallet was “connecting directly with the blockchain,” causing unauthorized transactions. They then sent another email, seemingly from Coinbase, showing an outgoing transaction.

The scammer directed the victim to a website to enter their seed phrase to stop the transactions. Despite knowing this was unsafe, the victim entered “a portion” of their seed phrase without submitting it fully. Hours later, $1.7 million was drained from their wallet.

Hiro Systems CEO Alex Miller explained that such websites capture data as it is entered, even without submission. He noted that the partial reveal of the seed phrase was likely enough for the attackers to brute-force the rest. Miller himself was recently contacted by a scammer using a similar approach. He believes his information may have been leaked from CoinTracker’s email service provider database in 2022.

“Specifically, they were using the Coinbase API key connected to CoinTracker to verify that they were me (in addition to other info),” Miller said. He advised, “At the very least cycle your API keys if you have been using CoinTracker.”

Other Reported Scams

On July 3, X user “TraderPaul04” reported a sophisticated social engineering attempt by a scammer posing as a Coinbase representative. The scammer claimed there was a login attempt on their account from a different city. An American male, claiming to be a Coinbase employee, stated TraderPaul’s full name and confirmed their email before alleging to have temporarily locked their Coinbase account. They sent a fake password reset link to steal the account password. Suspicious, TraderPaul insisted on calling Coinbase customer service directly, which caused the scammer to hang up.

On July 7, another X user, “beanx,” shared a similar experience of receiving a call from a fake Coinbase representative claiming “someone attempted to login to my Coinbase.”

Cointelegraph reached out to Coinbase for comment but did not receive an immediate response. The rise in these sophisticated scams highlights the pressing need for enhanced security measures and greater user awareness in the crypto community.

According to reports, approximately $1.19 billion was lost to crypto security incidents in the first half of 2024. Over $900 million of these losses were due to phishing attacks and seed phrase compromises.

Date Victim Method of Attack Reported Loss
July 3 TraderPaul04 Phone call, fake password reset link No financial loss reported
July 7 Anonymous Phone call, fake email, seed phrase partial reveal $1.7 million
July 7 Alex Miller Phone call, Coinbase API verification No financial loss reported
July 7 Beanx Phone call, fake login attempt alert No financial loss reported

Recommendations for Crypto Users

In light of the increasing frequency and sophistication of these scams, several security measures are recommended for crypto users:

  • Never Share Seed Phrases: Never share your seed phrase, even partially, with anyone.
  • Verify Contact Legitimacy: Always verify the legitimacy of any contact claiming to be from a financial institution by calling their official customer service numbers directly.
  • Update Security Measures Regularly: Regularly update API keys and other security settings on crypto-related accounts.
  • Stay Informed on Scams: Stay updated on the latest scam tactics to better recognize and avoid them.

The recent wave of attacks impersonating Coinbase representatives underscores the ongoing threats faced by cryptocurrency users. With significant amounts of money at stake, it is crucial for users to remain vigilant and adhere to stringent security practices. The financial and emotional toll of such scams can be devastating, highlighting the urgent need for both personal diligence and enhanced security measures within the industry.

Related Articles

Rivian Adds YouTube, Google Cast, and SiriusXM to Its EVs
Kripto

Rivian Adds YouTube, Google Cast, and SiriusXM to Its EVs

Rivian has expanded its in-car entertainment features, introducing YouTube, Google Cast, and...

Sony invests 0 million to become Kadokawa’s largest shareholder
Kripto

Sony invests $320 million to become Kadokawa’s largest shareholder

Sony Group has announced plans to deepen its stake in Kadokawa Corporation,...

Bitfinex Hacker Issues Statement Following Sentencing
Kripto

Bitfinex Hacker Issues Statement Following Sentencing

Ilya Lichtenstein, the notorious hacker behind the 2016 Bitfinex cryptocurrency exchange heist,...

Nigerian SEC Introduces Stricter Regulations for Crypto Marketing
Kripto

Nigerian SEC Introduces Stricter Regulations for Crypto Marketing

The Nigerian Securities and Exchange Commission (SEC) has revised its regulations concerning...