ZachXBT claims Coinbase users lost over $65 million to social engineering scams in last two months
Quick Take
- ZachXBT reported that Coinbase users lost over $65 million due to social engineering scams between December 2024 and January 2025.
- Scammers employed personal data from private databases to deceive victims into believing their accounts had unauthorized login attempts.
Onchain sleuth ZachXBT claimed that Coinbase users lost more than $65 million between December 2024 and January 2025 from falling victim to social engineering scams.
He stated the estimated $65 million is likely “much lower” than the actual amount as it does not take into account cases filed to Coinbase support and to the police.
According to ZachXBT’s X post, one social engineering scammer used personal information stolen from private databases to convince a victim that there had been multiple unauthorized login attempts to their account.
The scammer then sent a false email disguised as one from Coinbase with a fake case identification number, which instructed the victim to transfer funds to a Coinbase Wallet and whitelist a specific address.
“Scammers clone the Coinbase site nearly 1:1 and allow the scammers to send different prompts to the target via spoofed emails using panels,” ZachXBT wrote. “There are many Telegram channels where scammers advertise them.”
While the onchain sleuth estimated yearly losses from social engineering scams to be more than $300 million, ZachXBT criticized Coinbase for failing to address such scams correctly.
“Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month,” ZachXBT said. “Other major exchanges do not have similar panels created by scammers for fraud.”
ZachXBT alleged that scammers’ addresses are left unreported by Coinbase most of the time, even if the thefts have gone on for several weeks.
“A Coinbase employee told people on X to stop using VPNs to avoid being flagged as suspicious, meanwhile threat actors will explicitly block VPNs from phishing sites,” ZachXBT said. “This shows Coinbase’s failure to diagnose the actual problem.”
The onchain urged leadership at Coinbase to consider strengthening measures against social engineering attacks, including making inputting phone numbers on the platform optional for KYC-verified users, adding a beginner user account type that restricts withdrawals and improving community outreach.
The Block reached out to Coinbase for comment.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2024 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
