Main navigation

Crypto Scam: Sophisticated Social Engineering Attack Targets Coinbase Users

Wed, 06/14/2023 - 15:55
article image
Vladislav Sopov
Seasoned trader and investor Jacob Canfield shares details of 'one of the most complex scams in crypto' he has ever seen
Crypto Scam: Sophisticated Social Engineering Attack Targets Coinbase Users
Cover image via
Read U.TODAY on
Google News

Seasoned trader Jacob Canfield shared his story of almost being scammed by malefactors. The next day, an anonymous whitehat hacker approached him and gave him a few security tips: the trader was contacted by email and phone number that he never shared with the hacker.

Beware: All Coinbase users should change passwords and 2FA credentials

A series of social engineering attacks targets all users of Coinbase, the largest U.S. cryptocurrency exchange ecosystem. Malefactors contact traders and inform them that their password and 2FA settings are allededly changed. Professional trader and investor Jacob Canfield was among those reached by scammers.

First, such information was sent via SMS, but then the scammers started calling Canfield from a San Francisco-registered phone number.

The trader stressed that he never used SMS as an instrument for 2FA. That is, the entire process of "verification" looked strange to him from the very beginning. However, he then received an email from real Coinbase server that included his 2FA code from an active account.

He called this social engineering attack one of the most sophisticated of all time as it includes interaction with a legit Coinbase support unit.

As it stands, it looks like the email from Coinbase is legit and is automatically sent when you request a support ticket to verify your account.

The working theory is that the scammers were on live chat or on a phone call with the actual @coinbase support and they requested a code verification. This would have then granted them access to the account I believe.

Canfield added that he has information about 30+ users of Coinbase who were targeted by the same scam campaign.

Gemini 2022 data breach might be to blame, white hat hacker says

However, the spiciest thing is the fact that Canfield was contacted by a whitehat hacker who allegedly knows the design of the attack.

He reached the trader by phone and an email that he never shared. The whitehat hacker opined that the Coinbase attacker might use dumps of personal data obtained in previous large-scale attacks:

It looks like my data was exploited in a Gemini 2022 data breach (never heard anything about that), MGM Resorts, Ledger (Newsletter) - never owned one, and about 20+ others.

Canfield is going to create his own guide to cyber security considering the experience of a failed hack attempt and a conversation with a hacker.

article image
About the author

Blockchain Analyst & Writer with scientific background. 6+ years in IT-analytics, 3+ years in blockchain.

Worked in independent analysis as well as in start-ups (, Monoreto, Attic Lab etc.)