Onchain sleuth ZachXBT claimed that Coinbase users lost more than $65 million between December 2024 and January 2025 from falling victim to social engineering scams.
He stated the estimated $65 million is likely “much lower” than the actual amount as it does not take into account cases filed to Coinbase support and to the police.
According to ZachXBT’s X post, one social engineering scammer used personal information stolen from private databases to convince a victim that there had been multiple unauthorized login attempts to their account.
The scammer then sent a false email disguised as one from Coinbase with a fake case identification number, which instructed the victim to transfer funds to a Coinbase Wallet and whitelist a specific address.
“Scammers clone the Coinbase site nearly 1:1 and allow the scammers to send different prompts to the target via spoofed emails using panels,” ZachXBT wrote. “There are many Telegram channels where scammers advertise them.”
While the onchain sleuth estimated yearly losses from social engineering scams to be more than $300 million, ZachXBT criticized Coinbase for failing to address such scams correctly.
“Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month,” ZachXBT said. “Other major exchanges do not have similar panels created by scammers for fraud.”
ZachXBT alleged that scammers’ addresses are left unreported by Coinbase most of the time, even if the thefts have gone on for several weeks.
“A Coinbase employee told people on X to stop using VPNs to avoid being flagged as suspicious, meanwhile threat actors will explicitly block VPNs from phishing sites,” ZachXBT said. “This shows Coinbase’s failure to diagnose the actual problem.”
The onchain urged leadership at Coinbase to consider strengthening measures against social engineering attacks, including making inputting phone numbers on the platform optional for KYC-verified users, adding a beginner user account type that restricts withdrawals and improving community outreach.
The Block reached out to Coinbase for comment.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2024 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
