A TikTok user went viral for reporting a new phishing scam targeting Coinbase users. This sophisticated attacker used a US-based phone number and accent, and apparently sent genuine Coinbase emails.
Ultimately, however, the attack did not work. At several points, the intended victim expressed skepticism and unwillingness to reveal private information, and the scammer eventually hung up in frustration.
A New Phishing Technique Targeting Coinbase Users
Various crypto scams are at an epidemic level right now, and new theft tactics are surfacing every day. Sophisticated phishing attacks have focused on Coinbase users since last year, and the trend is only increasing.
Steve (@tripiville), a TikTok user, recently went viral for describing a new phishing attack:
“It was a California number. An American voice, fluent English. He said, ‘This is Coinbase. There’s been an alert on your account—a request to change your email and phone number.’ He told me I’d receive a link. I checked the sender, and it was from Coinbase.com,” the user said.
The user first received a voicemail from what sounded like an automated Coinbase message, warning of suspicious activity. Then came a phone call. The caller claimed someone had tried to access the user’s email through Coinbase’s live chat support.
This scam stands out for its sophistication. It’s a phishing attempt disguised as a warning about phishing—tricking users into trusting the call by pretending to protect them.
It taps into a powerful psychological trigger — fear. Even if a user suspects the call might be fake, they feel compelled to respond—because the message is about a possible threat to their account.
“The phishing link showed a pop-up that allowed me to disconnect my third-party wallets, and it even had the metamask logo. It prompted me to input my passkey, which I understood that I should not do,” said Steve.
Impersonating Coinbase Support has been a particularly common phishing tactic. Coinbase is one of the world’s largest exchanges, and its “beginner-friendly” reputation may encourage predators to attack its clientele.
Moreover, the platform suffered a major insider leak in May, exposing troves of sensitive user data.
It seems that compromised data played a key role in this new Coinbase phishing scam. The hackers told Steve that they had his name, email, phone number, and other personally-identifying information to build trust.
Although the potential victim expressed skepticism from the beginning, the apparent use of a genuine Coinbase email kept him on the hook.
Last month, hackers exposed a method to compromise Trezor’s support emails, sending malware-filled messages through the company’s official channels.
Ultimately, despite the Coinbase impersonators’ sophisticated techniques, the phishing attempt did not work because the target was well aware of the security aspects involving digital assets.
However, such tactics could potentially harm those who are new to crypto.
Crypto criminals are looking for easy targets, not to maintain a long-term facade. If a user ends a call with genuine Customer Support agents, waits a few minutes, and calls again, they could easily speak with another employee.
A scammer, however, might write this customer off as a waste of time.
The post Scammers are Targeting Coinbase Users Via Sophisticated Phishing Calls appeared first on BeInCrypto.
