ZachXBT claims Coinbase users lost over $65 million to social engineering scams in last two months
Quick Take ZachXBT reported that Coinbase users lost over $65 million due to social engineering scams between December 2024 and January 2025. Scammers employed personal data from private databases to deceive victims into believing their accounts had unauthorized login attempts.
Onchain sleuth ZachXBT claimed that Coinbase users lost more than $65 million between December 2024 and January 2025 from falling victim to social engineering scams.
He stated the estimated $65 million is likely “much lower” than the actual amount as it does not take into account cases filed to Coinbase support and to the police.
According to ZachXBT’s X post , one social engineering scammer used personal information stolen from private databases to convince a victim that there had been multiple unauthorized login attempts to their account.
The scammer then sent a false email disguised as one from Coinbase with a fake case identification number, which instructed the victim to transfer funds to a Coinbase Wallet and whitelist a specific address.
“Scammers clone the Coinbase site nearly 1:1 and allow the scammers to send different prompts to the target via spoofed emails using panels,” ZachXBT wrote. “There are many Telegram channels where scammers advertise them.”
While the onchain sleuth estimated yearly losses from social engineering scams to be more than $300 million, ZachXBT criticized Coinbase for failing to address such scams correctly.
“Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month,” ZachXBT said. “Other major exchanges do not have similar panels created by scammers for fraud.”
ZachXBT alleged that scammers’ addresses are left unreported by Coinbase most of the time, even if the thefts have gone on for several weeks.
“A Coinbase employee told people on X to stop using VPNs to avoid being flagged as suspicious, meanwhile threat actors will explicitly block VPNs from phishing sites,” ZachXBT said. “This shows Coinbase’s failure to diagnose the actual problem.”
The onchain urged leadership at Coinbase to consider strengthening measures against social engineering attacks, including making inputting phone numbers on the platform optional for KYC-verified users, adding a beginner user account type that restricts withdrawals and improving community outreach.
The Block reached out to Coinbase for comment.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Megabit will officially launch PIPPIN/USDT contract trading at 18:00 SGT today
US Treasury sued for providing sensitive information to Elon Musk's DOGE
Analyst: The current market reaction to the news shows that it is more bearish at this stage
Trending news
MoreCrypto prices
More
