Tweeters have been relaying security-related incidents involving the cryptocurrency exchange, including allegations that scammers are launching assaults using Coinbase’s domain name.
Coinbase users have started using Twitter to report frauds and phishing attempts involving the company’s services and applications. Coinbase is a well-known bitcoin exchange. According to reports, scammers are even using the Coinbase.com domain name to engage in dishonest behavior.
On July 7, Daniel Mason, a Twitter user, revealed a recent incident in which he had received SMS and emails from con artists using the domain Coinbase.com. The scam artist, who was fluent in English, called Mason on a legitimate line and sent him an email from a Coinbase.com domain. The fraudster then sent Mason a phishing text message that sent him to a Coinbase subdomain URL where he tried to get Mason’s address, social security number, and license number.
Mason’s experience is only one of numerous security incidents with Coinbase that have been posted on social media. Concerns regarding various scams, including phishing attempts on Coinbase Wallet and criminals taking advantage of the business’s website, have been expressed by users on the Coinbase support page.
One person alleged that a Coinbase employee verified a hacker who was impersonating a Coinbase employee, which allowed their cryptocurrency to be stolen. The victim claims that Coinbase neglected to accept responsibility for the incident despite possessing proof such as witness statements and call data. The victim estimates losses of about $50,000, and the case is still in litigation.
Attacks on Twitter user Jacob Canfield showed a similar pattern. Canfield received texts and calls from a fraudster saying that his two-factor authentication (2FA) had changed. By pretending to be from Coinbase and sending an email with a “verification code” from email@example.com, the thief tried to verify Canfield’s account. The con artist grew irate and cut off the phone when Canfield refused to give him the code.
On Coinbase’s support page, the email address firstname.lastname@example.org, which was utilized in the fraudulent activity, is listed as a valid and genuine address. On its official blog, Coinbase specifically emphasizes that none of its employees will ever request passwords, two-step verification codes, or remote access to consumers’ devices.
These reports demonstrate the rising frequency of phishing and scams that target Coinbase users. Scammers are using strategies including posing as Coinbase workers, sending emails from what appear to be real addresses, and calling and texting victims.
Users of Coinbase and the larger cryptocurrency community must therefore be on the lookout for scams and be careful when interacting with emails purporting to be from Coinbase. It is crucial to confirm the legitimacy of emails, calls, and URLs, and users should exercise caution when disclosing personal information or clicking on dubious links.