- Coinbase users lost $45 million to scams in the last week, according to ZachXBT
- Scammers used social engineering tactics to steal the funds
- ZachXBT noted that “no other major exchange has the same problem”
On-chain sleuth ZachXBT has revealed that Coinbase users lost $45 million to scams in the last seven days. He noted that scammers are targeting Coinbase users using social engineering schemes, an issue he said is unique to the exchange because “no other major exchange has the same problem.” The on-chain investigator disclosed that malicious actors have siphoned “nine figures” from the exchange’s users “over the past few months,” indicating that scammers may be finding it easy to scam Coinbase users compared to users on other crypto trading platforms.
Scammers Use Spoofed Phone Numbers and Private Databases
In a previous post, ZachXBT noted that scammers are calling victims using spoofed phone numbers and using personal information “obtained from private dbs [databases] to gain their trust.” They then tell the victims that their account has “multiple unauthorized login attempts.”
4/ The scammer called the victim from a spoofed phone number and used personal information obtained from private dbs to gain their trust.
After they told the victim their account had multiple unauthorized login attempts.
(Coinbase will NEVER call you)
— ZachXBT (@zachxbt) February 3, 2025
The scammers also use an email that resembles that of Coinbase to send a fake case ID to the victim, cementing their trust, and later ask them to send funds to a Coinbase Wallet “and whitelist an address while ‘support’ verifies their account security.”
<blockquote class=”twitter-tweet” data-conversation=”none”><p lang=”en” dir=”ltr”>5/ They then sent a spoofed email which appeared to be from Coinbase with a fake Case ID further gaining trust. <br><br>They instructed the victim to transfer funds to a Coinbase Wallet and whitelist an address while “support” verified their accounts security. <a href=”https://t.co/pOTQpnMfCz”>pic.twitter.com/pOTQpnMfCz</a></p>— ZachXBT (@zachxbt) <a href=”https://twitter.com/zachxbt/status/1886411920510472386?ref_src=twsrc%5Etfw”>February 3, 2025</a></blockquote> <script async src=”https://platform.twitter.com/widgets.js” charset=”utf-8″></script>
A 1:1 Coinbase Clone
ZachXBT noted that the malicious actors “clone the Coinbase site nearly 1:1” and then use social media to advertise the fake sites. The on-chain sleuth partly blamed the exchange for not protecting its users and failing to report scammers’ addresses in compliance tools.
10/ So where does the blame lie?
a) For the vast majority of the time these theft addresses are not being reported at all by Coinbase in popular compliance tools even after the thefts went on for weeks.
b) Multiple victims who have contacted me get stuck with useless customer… pic.twitter.com/ssYL2wN5iO
— ZachXBT (@zachxbt) February 3, 2025
He also said that victims are “stuck with useless customer support agents” and a hard-to-reach exchange team, something he termed “unacceptable” for a 24/7 market. ZachXBT urged Coinbase to take legal action against the scammers, improve community outreach, and improve its security to discourage the scammers.
With Coinbase users losing over $300 million to scammers annually, it’s likely that the malicious actors will replicate the tactics on other popular crypto exchanges like Bybit, Binance, and OKX.
