Update (July 7 9:33pm UTC): This article has been updated to include Coinbase’s response.
Coinbase users have been taking to Twitter to report scams and phishing attacks involving the company’s services and apps in recent weeks, including claims that scammers are using the cryptocurrency exchange’s domain name.
The most recent case was revealed on July 7 by a Twitter user identified as Daniel Mason, who allegedly received text messages and emails from scammers with links under the Coinbase.com domain.
The scammer contacted Mason using a real phone number, then sent an email from a Coinbase.com domain, followed by a phishing text message directing him to a Coinbase subdomain URL, before verifying the address, Mason’s social security number and driver’s license number.
I founded an identity/security company.
I am currently building an authentication company.
But my Coinbase account was *almost* phished.
This is the (second) most legitimate fraud attack I have personally experienced. Wild story below.
— Daniel Mason (SF next week) (@dgmason) July 7, 2023
As Mason points out, the scammer was well-spoken and a native English speaker. The scammer reportedly said during a phone call that Mason would receive an email from Coinbase about an alleged breach of his account. Immediately, an email arrived from email@example.com. “He created a case on my behalf? Or access Coinbase mail servers?” Mason commented on Twitter.
Mason’s experience is one of many on the social media platform reporting security incidents involving crypto sharing. A brief look at Coinbase’s support page shows users complaining about various types of scams, including Coinbase Wallet phishing and criminals using the company’s web address.
Cointelegraph spoke to a victim of a similar approach. The person, who asked to remain anonymous, claims to have called Coinbase’s support line to verify the authenticity of an email about the user’s account being compromised. The employee later confirmed that it was a real communication, but the email was the work of a hacker.
“A Coinbase employee authenticated a hacker as a Coinbase employee, who then stole my crypto. They then hung up on me before not taking any responsibility, even though I had a witness, the time and date of the call, and the employee I spoke to,” the individual said. The case is now under litigation. Between the frozen and stolen funds, the victim claims to have lost approximately $50,000 in assets.
The reports follow the same pattern as the stroke on Twitter user Jacob Canfield. Canfield reportedly received a text message and phone calls from a scammer on June 13, citing an alleged change to his two-factor authentication (2FA).
I just got hit with one of the most complex scams in #crypto that I have seen to date.
Please read if you use @coinbase.
This just happened 15 minutes ago.
THIS IS A WARNING TO ALL COINBASE USERS!
There has been some kind of data breach.
Me first… pic.twitter.com/aOVWLpAtY4
—Jacob Canfield (@JacobCanfield) June 13, 2023
I was then sent to the ‘security’ team to verify my account to avoid a 48 hour suspension. They had my name, my email and my location and they sent an email with a ‘verification code’ from firstname.lastname@example.org to my personal email,” Canfield explained, adding that the criminal “got angry and hung up the phone ” when they told him the code. it would not be sent.
The email email@example.com is listed on the exchange’s support page as an official and trusted address. The company blog also states that its staff will never ask users for passwords or two-step verification codes and will not ask for remote access to devices.
In a statement to Cointelegraph, Coinbase said it has “extensive security resources dedicated to educating customers on preventing phishing attacks and scams.” We work with international law enforcement to ensure that anyone who defrauds Coinbase customers is prosecuted to the fullest extent of the law.”
Security specialists recommend strong, unique passwords for cryptographic accounts and enabling 2FA in apps.
Magazine: $3.4B Bitcoin in a Popcorn Can: The Silk Road Hacker Story
This post Coinbase Domain Name Reportedly Used by Scammers in High-Profile Attacks
was published first on https://cointelegraph.com/news/coinbase-domain-name-reportedly-used-by-scammers-in-high-profile-attacks