Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,198
- Points
- 113
Fraud cases in which criminals pretend to support Coinbase and lure out users ' seed phrases have become more frequent. One of the victims lost about $1.7 million.
On July 8, Edge & Node co-founder Tegan Kline revealed that scammers had emptied her close friend's wallet.
According to Kline's story, the scammer first called the phone allegedly on behalf of Coinbase's security service, but then began communicating via email. He warned the victim about "unauthorized access" due to a fictitious error with the connection of the wallet.
For greater accuracy, the fraudster provided additional details about transactions and personal information about the target. To cancel a suspicious transfer, the client requested verification on the website.
After clicking on the link, the victim entered part of their seed phrase. This was enough to steal all the funds in the amount of about $1.7 million from the wallet.
Alex Miller, CEO of Hiro Systems, explained that such sites "collect data as you type it," allowing criminals to pick up the rest of the original phrase.
"Never enter any information on a site that makes you feel uncomfortable. Even if you don't click Submit, scammers intercept your data as you enter it. It seems that this user entered part of his seed phrase, which was enough to reduce entropy, and the scammers used the selection method," Miller added.
He noted that he recently received a warning from the real Coinbase support team about an attempt to hack the account. According to him, hackers took advantage of the Cointracker leak and use API keys to fake an online identity.
A user under the nickname Paul04Trader also reported a "rather complex" hacking attempt, in which the fraudster pretended to be a representative of the exchange. He tried to force the victim to reveal their account password by using a fake reset link.
Another trader with the pseudonym beanx told about a similar call from a fake Coinbase representative who warned about a hacking attempt.
In June, the cryptocurrency exchange was included in the list of American brands that are most often imitated by scammers to deceive their victims. According to Mailsuite analysts, from January 2020 to March 2024, the name Coinbase was used in 416 scam schemes and phishing attacks.
On July 8, Edge & Node co-founder Tegan Kline revealed that scammers had emptied her close friend's wallet.
According to Kline's story, the scammer first called the phone allegedly on behalf of Coinbase's security service, but then began communicating via email. He warned the victim about "unauthorized access" due to a fictitious error with the connection of the wallet.
For greater accuracy, the fraudster provided additional details about transactions and personal information about the target. To cancel a suspicious transfer, the client requested verification on the website.
After clicking on the link, the victim entered part of their seed phrase. This was enough to steal all the funds in the amount of about $1.7 million from the wallet.
Alex Miller, CEO of Hiro Systems, explained that such sites "collect data as you type it," allowing criminals to pick up the rest of the original phrase.
"Never enter any information on a site that makes you feel uncomfortable. Even if you don't click Submit, scammers intercept your data as you enter it. It seems that this user entered part of his seed phrase, which was enough to reduce entropy, and the scammers used the selection method," Miller added.
He noted that he recently received a warning from the real Coinbase support team about an attempt to hack the account. According to him, hackers took advantage of the Cointracker leak and use API keys to fake an online identity.
A user under the nickname Paul04Trader also reported a "rather complex" hacking attempt, in which the fraudster pretended to be a representative of the exchange. He tried to force the victim to reveal their account password by using a fake reset link.
Another trader with the pseudonym beanx told about a similar call from a fake Coinbase representative who warned about a hacking attempt.
In June, the cryptocurrency exchange was included in the list of American brands that are most often imitated by scammers to deceive their victims. According to Mailsuite analysts, from January 2020 to March 2024, the name Coinbase was used in 416 scam schemes and phishing attacks.
