Update (July 7 21:33 UTC): This article has been updated to include Coinbase’s response.
In recent weeks, Coinbase users have taken to Twitter to report scams and phishing attacks related to the company’s services and apps, including allegations that the scammers are using the cryptocurrency exchange’s domain name.
It was the most recent case open on July 7 by a Twitter user identified as Daniel Mason, who allegedly received text messages and emails from scammers with links within the Coinbase.com domain.
The scammer called Mason using a real phone number, then sent him an email from the Coinbase.com domain, followed by a phishing text message directing him to the Coinbase subdomain URL, before verifying Mason’s address, social security number, and driver’s license number. .
You have incorporated an identity/security company.
I am currently building a real company.
But my Coinbase account was *almost* stolen.This is the (2nd) most legitimate scam attack I’ve personally encountered.
As Mason points out, The scammer spoke very well and his native language was English. The scammer reportedly said during a phone call that Mason will receive an email from Coinbase regarding an alleged breach of his account. An email hit him right away from [email protected]. Mason commented on Twitter: “Did you create a case on my behalf? Or did you access Coinbase’s mail servers?”
Mason’s experiment is one of many on social media platforms reporting security incidents involving cryptocurrency exchanges. A quick look at Coinbase’s support page shows that users have been complaining about various types of scams, including Coinbase Wallet phishing and criminals using the company’s web address.
Cointelegraph spoke to a victim in a similar manner. The person, who requested anonymity, claims to have called the Coinbase support line to verify the authenticity of an email about the incident on his account.. The employee then confirmed that it was a real connection, but that the email was the work of a hacker.
“A Coinbase employee documented a hacker as a Coinbase employee, then stole my cryptocurrency. Then I was scammed before I could take any responsibility, even though there was a witness, the time and date of the call, and the employee I spoke to.” said the individual. The case is now in litigation. Between frozen and stolen funds, the victim claims he lost about $50,000 in assets.
Complaints follow the same pattern he Apoplexy to a Twitter user; Jacob Canfield. Canfield allegedly received a text message and phone call from a fraudster on June 13, claiming an alleged change in two-factor authentication (2FA).
God
I have just been hit by one of the most sophisticated scams in the crypto space that I have seen to date.
Please read if you are using Coinbase.
This happened 15 minutes ago.
THIS IS A WARNING TO ALL COINBASE USERS!
There was some kind of data breach.
“Then they sent me to the ‘security’ team to verify my account to avoid being suspended for 48 hours. They had my name, email, and location and sent an email with a ‘verification code’ from [email protected] to my personal email,” Canfield said the perpetrator “got angry and hung up” when they told him the code would not be sent to him.
Email [email protected] It seems On the exchange support page as a trusted and official address. The company’s blog also states that its employees will never ask users for passwords or two-step verification codes, or request remote access to devices.
In a statement to Cointelegraph, Coinbase said it has “extensive security resources dedicated to educating customers about preventing phishing attacks and scams. We work with international law enforcement to ensure that anyone who defrauds Coinbase customers is prosecuted to the fullest extent.” the law “.
Security professionals recommend strong, unique passwords for cryptocurrency exchange or wallet accounts and enable two-factor authentication in apps.
Explanation: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information presented here is not to be taken as financial advice or an investment recommendation. All investment and business moves involve risks and it is the responsibility of each person to conduct the necessary research before making an investment decision.
Read on:
Investing in crypto assets is not regulated. It may not be suitable for individual investors and the entire amount invested may be lost. The offered services or products are not directed at or available to investors in Spain.
“Creator. Devoted pop culture specialist. Certified web fanatic. Unapologetic coffee lover.”