Watch out, Coinbase users: A nasty new wallet-draining scam is doing the rounds

(Image credit: Shutterstock / Wit Olszewski)

Cybersecurity experts have warned of an elaborate scam targeting customers of cryptocurrency exchange Coinbase.

Researchers from security firm PIXM recently discovered an email campaign whereby attackers masquerade as Coinbase to trick people into handing over their account credentials.

In the email, the user is warned that their account needs attention due to an “urgent matter”. Sometimes they need to confirm a transaction, and sometimes they need to provide additional information to prevent their account from being locked.

Bypassing two-factor authentication

Regardless of the contents of the email, they always carry a heavy dose of urgency, and obviously, provide the user with a link where they can log into the platform and sort out the mess. However, the link leads to a fake webpage that looks almost identical to the real Coinbase site.

But here’s where it gets really advanced. Most users have two-factor authentication enabled, so the crooks devised a way to work around it. When a user types in their passwords, they get relayed to the actual Coinbase site, and then the crooks ask for the 2FA code as well.

To make things even worse, the victim gets redirected to a site that says “account suspended” and offers them a chance to talk to “customer support”. Yet again, this is not the actual Coinbase customer support, but rather the continuation of the scam, where the attackers try to obtain as much personally identifiable information on the victim as possible. 

The data they’re looking to obtain at this point, according to the researchers, includes phone numbers, postal addresses, emails, and estimated account balance.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.