Over $65 Million Lost by Coinbase Users to Social Engineering Scams, Claims ZachXBT
Crypto News

Over $65 Million Lost by Coinbase Users to Social Engineering Scams, Claims ZachXBT

2m
Created 2d ago, last updated 2d ago

Recent claims by on-chain investigator ZachXBT reveal that Coinbase users have lost over $65 million due to social engineering scams over just the two months spanning December 2024.

Over $65 Million Lost by Coinbase Users to Social Engineering Scams, Claims ZachXBT

Recent claims by on-chain investigator ZachXBT reveal that Coinbase users have lost over $65 million due to social engineering scams over just the two months spanning December 2024 to January 2025. According to ZachXBT, the figure likely underestimates the total losses, as it does not account for cases reported to Coinbase support or law enforcement.

View post on Twitter

Scammers have reportedly utilized personal data obtained from private databases to deceive victims. One tactic involved impersonating Coinbase to notify victims of supposed unauthorized login attempts.

Victims received fraudulent emails that appeared to come from Coinbase, complete with fake case identification numbers. These emails instructed victims to transfer funds to a Coinbase Wallet and whitelist a specified address.

ZachXBT highlighted that scammers often replicate the Coinbase website almost identically, enabling them to send tailored prompts to potential victims through spoofed emails. He also pointed to several Telegram channels where these scams are actively promoted.

The estimated yearly losses from social engineering scams, according to ZachXBT, exceed $300 million.

He criticized Coinbase for not adequately addressing these scams, stating, “Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month.” He noted that other major exchanges do not have similar issues with scam panels.

Moreover, ZachXBT alleged that Coinbase frequently fails to report the addresses used by scammers, despite ongoing thefts. He mentioned a Coinbase employee's suggestion for users to avoid VPNs to prevent being marked as suspicious, highlighting a disconnect in the platform’s understanding of the threat landscape.

To combat these issues, ZachXBT urged Coinbase leadership to strengthen protections against social engineering attacks, including making phone number input optional for KYC-verified users and creating a restricted account type for beginners.

This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators. This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice. The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.
0 people liked this article