Users of Coinbase, one of the world's largest centralized cryptocurrency exchange platforms by trading volume, are currently under threat as a new and sophisticated phishing scam allegedly targets them, aiming to drain their funds.

The crypto market is currently in turmoil due to the ongoing crackdown and regulatory enforcement by the U.S. Securities and Exchange Commission (SEC).

While the exchange is already dealing with a lawsuit filed by the SEC over allegations of security law violations, popular crypto trader and entrepreneur Jacob Canfield warned his Twitter followers about a new scam he successfully foiled. According to Canfield, this scam targets Coinbase users with the intention of draining their funds.

The entrepreneur shared that the scam started with a text message informing him that his Coinbase two-factor authentication (2FA) had been changed.

Following that, he received three calls from individuals claiming to be Coinbase customer support. They inquired whether he was traveling outside the country and requested a change in his 2FA.

Eventually, the malicious actors informed Canfield that the supposed request to change his 2FA had been canceled. They then directed him to the security team to prevent his account from being suspended for 48 hours.

"They had my name, email, and location and sent a 'verification code' email from help@coinbase.com to my personal email," Canfield shared with his Twitter followers.

The malicious actor requested the verification code, but Canfield refused to provide it. "He then got angry and hung up the phone on me," the entrepreneur said.

"For those unaware, the code they sent was my actual 2FA, but they sent it from their own email and were logging into my account to drain it while we were on the phone," Canfield disclosed.

Based on the screenshots provided by the crypto trader, the malicious actors appeared to be from Coinbase, but the emails were sent from an Amazon email provider.

Canfield admitted he has no idea how or why he was targeted but speculated that his data may have come from a data breach involving a third party.

"There was a lot of sophistication, coordination, and thought put into this scam. They're going to trick a lot of people out of their money," the entrepreneur added.

In a follow-up tweet, the crypto trader shared that he was contacted by a white hat hacker who identified his vulnerabilities and exploited his information.

"I had a long chat with him, and he gave me a few helpful tips. He also emailed me (without me giving it to him) to my personal email, providing a list of all my data breaches," he mentioned. Canfield further stated, "It appears that my data was exploited in a Gemini 2022 data breach (never heard anything about that), MGM Resorts, Ledger (Newsletter) - never owned one, and about 20+ others."

A phishing scam occurs when someone pretends to be another person, typically a representative of a business or company, in order to trick unsuspecting victims into willingly sharing private information.

The majority of these phishing scams aim to obtain personal crypto wallet keys by sending official-looking emails requesting the victim's login data.

Coinbase has not yet released any statement regarding this issue.

People watch as the logo for Coinbase Global Inc, the biggest U.S. cryptocurrency exchange, is displayed on the Nasdaq MarketSite jumbotron at Times Square in New York
Reuters
Read more