Coinbase was caught in a fraud case. Scammers defrauded multiple users within a week, with the highest amount being as much as $1.7 million

According to reports, in the past week, at least three Coinbase users and one crypto user have claimed to have been attacked by scammers impersonating Coinbase employees, with one victim reporting a loss of $1.7 million.

Edge & Node Co-founder Tegan Kline Helps a Friend Speak Out

On July 7, Edge & Node co-founder Tegan Kline shared on X the case of a "good friend" who was scammed out of $1.7 million from their self-custody wallet a day earlier.

The victim said the scammer called claiming they were from Coinbase’s security team and sent an email that appeared to be from Coinbase, confirming that the victim was “talking to an official representative of Coinbase.”

The scammer claimed the victim’s wallet was “directly connected to the blockchain,” causing transactions to flow out of the wallet.

The scammer then sent another email that appeared to be from Coinbase, showing an outgoing transaction.

The scammer directed the victim to a website to enter their seed phrase to stop the transaction.

The victim knew the seed phrase was “unsafe” but entered “part” of their phrase anyway, without submitting it fully.

Within hours, $1.7 million disappeared from the victim’s wallet.

Hiro Systems CEO Alex Miller Narrowly Avoids Scam

Hiro Systems CEO Alex Miller shared that he was recently contacted by a scammer impersonating someone from Coinbase using a similar scheme.

He believes his information might have been leaked in 2022 from CoinTracker’s email service provider database.

“Specifically, they were using the Coinbase API key connected to CoinTracker to verify they were me (along with other information),” he said.

“If you have been using CoinTracker, at least rotate your API keys,” Miller advised.

Miller mentioned that these sites can “capture data as you type it in,” and the partial disclosure of seed phrases might be enough for “bad actors to brute force the rest.”

Majority of Users Suffer Similar Scams

On July 3, X user “TraderPaul04” shared their experience of a “quite sophisticated” social engineering attempt.

A fake Coinbase representative called them, claiming their account had login attempts from different cities.

TraderPaul stated that “a US male pretending to be a Coinbase employee” stated their full name and confirmed their email, then claimed to temporarily lock their Coinbase account, sending a fake password reset link aimed at stealing their account password.

TraderPaul didn’t believe it and insisted on directly calling Coinbase customer service.

The scammer “hung up” after failing to convince him otherwise.

On July 7, X user “beanx” posted that they too received a similar scam call from a fake Coinbase representative claiming “someone tried to log into my Coinbase.”

Be Aware of Cryptocurrency Scams

In the first half of 2024, approximately $1.19 billion was lost due to cryptocurrency security incidents, with over $900 million stolen through phishing and seed phrase leakage attacks.

To enhance the security of your cryptocurrency holdings, consider the following recommendations:

1. Use a Hardware Wallet: Store your cryptocurrency in a hardware wallet. These devices are offline and provide a high level of security against hacking and malware.
2. Enable Two-Factor Authentication (2FA): Always enable 2FA on your cryptocurrency trading accounts. This adds an extra layer of security as it requires a second form of identification in addition to your password.
3. Keep Software Updated: Regularly update your wallet software and any other tools you use to manage your cryptocurrency to ensure you have the latest security patches.
4. Use Strong, Unique Passwords: Create strong, unique passwords for your accounts. Avoid using the same password across multiple platforms.
5. Beware of Phishing Scams: Always be cautious of emails, messages, or websites asking for personal information or login credentials. Verify the source before providing any sensitive information.
6. Backup Your Wallet: Regularly back up your wallet and store it in a secure location. This can help you recover your funds in case of hardware failure or other issues.
7. Avoid Public Wi-Fi: Avoid accessing your cryptocurrency accounts over public Wi-Fi networks, as they may be insecure and susceptible to hacking.
8. Monitor Your Accounts Regularly: Keep a close eye on your accounts and transactions. Regularly check your balances and transaction history to spot any suspicious activity early.
9. Use Reputable Exchanges: Only use reputable and well-known cryptocurrency exchanges for buying, selling, and trading. Research the exchange’s security measures and user reviews before using it.
10. Educate Yourself: Stay informed about the latest security threats and best practices in the cryptocurrency space. Continuous learning will help you stay ahead of potential risks.