The exchange has fully compensated those who had funds stolen — but is now warning all of its customers to step up their security measures.
A “significant uptick” in this fraudulent activity was seen in April and May — with criminals pretending to be Coinbase in fake emails that warned victims they had been locked out of their accounts. The links in these messages often directed recipients to copycat versions of the exchange’s official site — all with the aim of getting them to enter their login details.
In another concerning development, those behind the phishing attacks also attempted to infiltrate Hotmail accounts by masquerading as the Microsoft Authenticator app, which adds another layer of security on top of passwords. Pressing the wrong button would have left an attacker able to read the victim’s emails.
Customers who fell for the phishing attack were later contacted directly by Coinbase — and according to an email template published on the California Attorney General’s website, the exchange has fully compensated all of those who had funds stolen as a result. That isn’t a luxury many phishing victims have.
The exchange has taken the opportunity to remind users how to stay safe online — all while stressing that its security infrastructure wasn’t breached as a result of the phishing attacks.
Those who use SMS messages for two-factor authentication were also urged to upgrade to stronger methods like Google Authenticator — and above all, customers were encouraged to question everything. Coinbase stressed it will never contact its users asking for a password — and advised users to check whether the domain names used in emails and on landing pages match the company’s official domain.