Coinbase users have taken to Twitter to share their experiences of scams and phishing attacks targeting the crypto exchange’s services and applications. In recent weeks, users have reported incidents involving scammers utilizing Coinbase’s domain name in fraudulent activities.
Coinbase users report scams using the company’s domain
One such case was disclosed on July 7 by a Twitter user named Daniel Mason, who received texts and emails from scammers using the domain Coinbase.com. The fraudster initially contacted Mason using a genuine phone number, followed by an email from a Coinbase.com domain. Subsequently, Mason received a phishing text message containing a link to its subdomain URL. The scammer then proceeded to extract personal information from Mason, including his address, social security number, and driver’s license number.
Mason noted that the scammer displayed fluency in English and sounded like a native speaker. During a phone call, the fraudster mentioned that Mason would receive an email from the exchange regarding a supposed breach of his account. True to the scammer’s word, an email arrived from help@coinbase.com. Mason questioned whether the scammer had created a case on his behalf or gained unauthorized access to the exchange’s mail servers.
Mason’s case is just one among numerous reports on social media highlighting security incidents involving Coinbase. Users have expressed concerns about various types of scams, including phishing attempts on Coinbase Wallet and criminals leveraging the company’s web address for fraudulent purposes. Another victim, requesting anonymity, claimed to have contacted Coinbase’s support line to verify the authenticity of an email regarding a compromised account. While the employee confirmed the communication was genuine, it was later revealed that the email had been sent by a hacker.
Users complaints prompt security concerns for the company
The victim expressed frustration, stating, “An employee of Coinbase authenticated a hacker as an employee of the exchange, who then stole my crypto. They then strung me along before taking no accountability, even though I had a witness, time and date of call, and the employee I spoke to.” The case is currently undergoing litigation, with the victim alleging a loss of approximately $50,000 in assets due to the incident.
These reports mirror a similar attack experienced by Twitter user Jacob Canfield. In this instance, Canfield received a text message and phone calls from a fraudster claiming there had been a change in his two-factor authentication (2FA). The scammer directed Canfield to the “security” team to verify his account and avoid a 48-hour suspension. The fraudster possessed Canfield’s name, email, and location and sent a “verification code” email from help@coinbase.com to Canfield’s email. When informed that the code would not be provided, the criminal grew angry and terminated the call.
In response to these incidents, Coinbase emphasized its commitment to security, stating that it has dedicated extensive resources to educate customers about preventing phishing attacks and scams. The company also collaborates with international law enforcement to ensure that anyone involved in scamming Coinbase customers faces legal consequences. Security specialists recommend implementing strong, unique passwords for crypto accounts and enabling two-factor authentication (2FA) on applications.
As the number of scams and phishing attempts targeting cryptocurrency users continues to rise, remaining vigilant and adhering to best security practices is crucial. Safeguarding personal information, using robust security measures, and exercising caution when interacting with suspicious messages or requests can help protect against potential threats in the digital asset landscape.
