Coinbase domain name reportedly used by scammers in high-profile attacks

Update (July 7 at 9:33 PM UTC): This article has been updated to include Coinbase’s response.

Coinbase users have taken to Twitter to report scams and phishing attacks involving the company’s services and apps in recent weeks, including allegations that the scammers are using the cryptocurrency exchange’s domain name.

It was the most recent case a statement on July 7 by a Twitter user identified as Daniel Mason, who allegedly received texts and emails from scammers with links within the Coinbase.com domain.

The scammer contacted Mason using a real phone number, then fired off an email from the Coinbase.com domain, followed by a phishing text message directing him to the Coinbase subdomain URL, before verifying Mason’s address, social security number, and driver’s license number.

As Mason notes, the conman was well-spoken and spoke English. The scammer reportedly said during a phone call that Mason would receive an email from Coinbase regarding an alleged breach of his account. Immediately, an email arrived from help@coinbase.com. “Did he file a case on my behalf? Or gain access to Coinbase’s mail servers?” Mason commented on Twitter.

Mason’s experiment is one of several on the social media platform reporting security incidents related to the cryptocurrency exchange. A quick look at Coinbase’s support page shows that users are complaining of several types of scams, including phishing on the Coinbase Wallet and criminals using the company’s web address.

Cointelegraph spoke with a victim of a similar approach. The person, who requested anonymity, claims to have called the Coinbase support line to verify the authenticity of an email related to the hacked user account. The employee then confirmed that it was a real connection, but that the email was the work of a hacker.

“A Coinbase employee befriended a hacker as a Coinbase employee, who then stole my cryptocurrency. They then tied me up before I could be held accountable, despite a witness, the time and date of the call, and the employee I spoke to,” the individual said. The case is now under litigation. Among the frozen and stolen funds, the victim claims to have lost nearly $50,000 in assets.

The reports follow the same pattern as attacks On Twitter user Jacob Canfield. Canfield reportedly received a text and phone call from a scammer on June 13, citing an alleged change in two-factor authentication (2FA).

“Then they sent me to the ‘security’ team to verify my account to avoid being suspended for 48 hours. They had my name, email, and location and sent an email with a ‘verification code’ from help@coinbase.com to my personal email,” Canfield explained, adding that the criminal was “infuriated.” and hung up the phone” when told the code would not be sent.

The email is help@coinbase.com included On the exchange’s support page as the official, trusted address. The company’s blog also states that its employees will never ask users for passwords or two-step verification codes nor will they request remote access to devices.

In a statement to Cointelegraph, Coinbase said it has “extensive security resources dedicated to educating customers about preventing phishing attacks and scams. We work with international law enforcement to ensure that anyone who defrauds Coinbase customers is prosecuted to the fullest extent of the law.”

Security professionals recommend strong, unique passwords for crypto accounts and enable two-factor authentication (2FA) on apps.

The Journal: $3.4 Billion in Bitcoin in a Popcorn Box – The Story of the Silk Road Hacker

AttacksCoinbasedomainHighProfilereportedlyScammers
Comments (0)
Add Comment