Topic: Pretty sure Coinbase is compramised somehow... (Read 386 times)

Coinbase is useful for a few reasons, though. For one thing, zero fees to trade on GDAX (as long as you use limit orders). For another, FDIC insurance on your USD holdings when you're waiting out a correction or bear market. They are tightly regulated and compliant, so assuming a strong password and TOTP 2FA token, I feel comfortable leaving large amounts of USD there.

This all assumes that you pay your taxes and you're okay with verifying your identity. Their KYC procedure is not what I'd call "lax" and it can be difficult if you don't have a smartphone with a good camera. They basically force you to use the mobile app or your computer's webcam.

Well, this is extremely strange and it does seem to suggest that their site/database has been compromised if you genuinely only signed up hours before the phishers sent you phishing emails. Otherwise, how would they be able to gain your email and know that you're a new member of coinbase?

Even if coinbase is not compromised, you should not use it.

Their lack of customer support is disgraceful and makes the experience on their site complete shit.

Really strange, maybe the computer is compromised, I have a Coinbase account for a few years now and never had any issue and did not receive any phishing emails recently.

Strange. I recently opened a Coinbase/GDAX account a couple months ago with an Outlook email address. Never used the email anywhere else. My inbox and spam folders are still completely empty... no sign of these two phishing emails.

So, if their database was compromised, then the phishers were unable obtain my email address. That's strange, given that it was created before yours. I'm guessing the OP's setup (or another service involved) is compromised, or that the story is just BS.

Now that I've changed I'll say. It was Outlook.com

Is the email domain yours?

Do you use a third party email provider?

How reliable is the email provider?

The correlation odds on this one though are obvious I think, or I wouldn't have made a thread about it. Remember, the email was made to look like it was from my email provider, not Coinbase. It said my account had been confirmed for deactivation and to click a link to prevent that from occurring.

Plus based on how Coinbase users have been getting hacked and their accounts drained I've been reading in the media online for the past couple months, this fits the MO.

If I didn't have a proper 2FA setup from the get-go, I would half be expecting a call from my cell carrier saying that my number is being ported.

Seriously.

sadly, its incredibly easy to make an email appear as if its coming from someone when it isn't. Highly doubt this has anything to do with Coinbase

I've become increasingly and utterly discouraged by them and their lack of responses to emails.

Yes and yes. It was only a few minutes old when I signed up. I have already changed my Coinbase email to another now as well.

Is that a fresh email address and the only place you ever used it was at Coinbase and you never used it ever before?

I use Coinbase frequently and it's quite boring.

This is actually the risk on storing money on exchanges but talking about Coinbase is compromised as of now.If you do recieved phishing emails then you definitely signed up some website with your email which you did able to recieve those stuffs and if you are a complete newbie then you would end up on losing your money from your wallet once hacker do have an access to it.We should really be careful and set all the possible securities on the wallet which our coins are being stored.Regarding on the decision you do made on storing them on offline wallet its really a wise idea.

If they had come to an email client I would have exported the email as a complete file to save all that info. But this is a new email I made just to do Coinbase and I'm only accessing it via a web interface.

1 went to my inbox. I reported it as a spam email to my provider. The other went to my junk box and I set it to block. I then made sure to remove all trace of them from my account by deleted thing even from my deleted items ASAP. It was like 4 AM and just a quick knee-jerk reaction and I just went back to sleep after.

It occurred to me to maybe save them and report it to Coinbase but judging by their Reddit, I doubt it would ever get on their radar. Plus if I post the header here, it would then correlate to this forum account I have on clearnet forever for the hackers. I'm not a fan of that. Hence I'm also reluctant to say when I signed up, what email provider I used, etc.

Just to add, I tried using a VPN>Tor to signup, but Coinbase wouldn't even load so I just did it over standard https from a known uncompromised computer. Which is maybe to my advantage, as looking at the logs Coinbase keeps of account access that I can see, if I logged in with random MACs, from random countries with random IPs, they would probably lock my account and put me through ID verification hell.

This is pretty intereting, you should post the email header to see where the emails come from.

I signed up for Coinbase and within only several hours, I have received 2 separate phishing emails. What's more is these emails were specifically tailored to resemble being from my email account provider.

How would scammers get my email that I signed up with so quickly? I would say either the https on their site is compromised, their server/db are compromised, or there is an inside job going on.

Note to the n00bs: Don't be a fool, the second you setup an account for anything, always enable 2FA as the very first thing you do. YubiKey or any other physical key is a great option. Remember, if hackers compromise your Apple, Google, or Microsoft account, they can restore the cloud backup of your device to a burner device they have, and thus have access to your 2FA app for the codes. We also have been seeing for months now that hackers are getting away with porting your cell phone # which makes the SMS verification code as 2FA totally worthless.

The moment my BTC purchase funds/clears, I'll be removing my connected bank account and sending it all to an offline wallet where I have physical control over the private key.

Something doesn't feel right in Coinbase land.....