A recent scam involving fraudsters posing as Coinbase representatives has led to the theft of $1.7 million from a self-custody wallet. The scammer deceived the victim into revealing part of their seed phrase, resulting in the loss of their funds.
Scammers Impersonating Coinbase Steal $1.7 Million from Crypto User's Self-Custody Wallet
According to a victim who alleged they lost $1.7 million, a fraudster contacted them and claimed to be from Coinbase. The scammer also sent emails that originated from the crypto exchange.
In the past week, at least three Coinbase users and one crypto user have reported being targeted by fraudsters who impersonate Coinbase. One victim has claimed to have been defrauded of $1.7 million.
On July 7, Tegan Kline, the co-founder of Edge & Node, provided X with an explanation from a "good friend"who had their self-custody wallet emptied of $1.7 million the day before. A fraudster deceived the friend into disclosing a portion of their seed phrase.
According to Cointelegraph, the victim reported that the fraudster contacted them, claiming to be from Coinbase's security team. The scammer then sent the victim an email that appeared to be from Coinbase, confirming that the victim was "speaking to an official representative at Coinbase."
The fraudster asserted that the victim's wallet was "connecting directly with the blockchain," which resulted in transactions being issued from the wallet. After that, the fraudster sent an additional email that purported to originate from Coinbase and displayed an outgoing transaction.
The scammer directed the victim to a website where they could input their seed phrase to halt the transactions. Despite being aware that the website was "not secure," the victim entered a portion of their phrase without submitting it.
They alleged that $1.7 million was withdrawn from their wallet hours later.
Hiro Systems CEO Warns of Sophisticated Coinbase Impersonation Scams Capturing Seed Phrases
According to Alex Miller, CEO of Hiro Systems, these websites are "capturing data as you enter it," even without submitting it. The victim's partial disclosure of their seed phrase was likely sufficient for “the bad guys [to] brute force the rest.”
Miller also disclosed that he was recently contacted by a fraudster who falsely identified himself as a representative of Coinbase and employed a comparable scheme. He believes that CoinTracker's email service provider database may have compromised his information in 2022.
“Specifically, they were using the Coinbase API key connecting to CoinTracker to verify that they were me (in addition to other info),” he said. “At the very least cycle your API keys if you have been using CoinTracker,” Miller advised.
On July 3, X user "TraderPaul04" disclosed a "pretty sophisticated" social engineering attempt by a fictitious Coinbase representative who contacted them, asserting that a login attempt had been made to their account from a different city.
Trader Paul stated that "an American male claiming to be a Coinbase employee" provided their full name and confirmed their email address before claiming to have temporally locked their Coinbase account. The individual then sent a phony password reset link to obtain their account password.
However, TraderPaul was not persuaded and persisted in contacting Coinbase customer service directly. The scammer "hung up" after failing to convince him otherwise.
On July 7, X user "beanx" also shared a similar scam call with a fictitious Coinbase representative who claimed that "someone attempted to login to my Coinbase."
Coinbase did not respond to Cointelegraph's request for comment.
In the first half of 2024, crypto security incidents resulted in a loss of approximately $1.19 billion. Phishing and seed phrase compromise attacks stole over $900 million.
Photo: Microsoft Bing
Comment 0