Author

Topic: [Warning]: Ongoing Coinbase phishing attack and other exchanges (Read 163 times)

legendary
Activity: 2576
Merit: 1655
It's really growing and this criminals are taking it one step ahead of everyone to even have a chat support to feel like you are talking to a real Coinbase personnel.

Nevertheless, we don't want anyone to be a victim and so we have a duty to spread this kind of awareness, specially to newbies in this crypto market. There are a lot of scammers  that is going to spoof and will send you emails to get you to click and give them your accounts.

And so we really need to be very very careful, yes might be better if you put a different email for your crypto related stuff and personal email.

Might be good as well to have sticky notes in front of your laptop or desktop once you email your crypto emails that don't click on links specially about your exchange account.
hero member
Activity: 2660
Merit: 651
Want top-notch marketing for your project, Hire me
A crypto phishing campaign is underway right now, and they target mostly, Coinbase, Crypto.com, and KuCoin.

This is a good thing to do in helping those new to the system understand the more reasons why they need to stay far away from centralized exchanges, the recent scam with FTX has been the major trending one on the media but we still have a number of investors that have not learnt their own lesson by staying pit to sone of these listed exchanges by OP, they major their tmattacks on newbies and there's no way this exchanges can prevent any of the set target against them when hackers want to strike, the solution is to avoid the risk with them.
First of all, staying far away from CEX won't safe newbies from a phishing attack, and the best thing every crypto newbie or experienced user needs to be safe from a phishing attack is to familiarize themselves with the real site link/email notification of every crypto-related platform they are using.
As cryptocurrency trading is a concern if you're not from a crypto-friendly country where it's easy to trade crypto for fiat there's no way you won't make use of CEX at some point. I believe what's important is people not using CEX as crypto storage.
hero member
Activity: 714
Merit: 521
A crypto phishing campaign is underway right now, and they target mostly, Coinbase, Crypto.com, and KuCoin.

This is a good thing to do in helping those new to the system understand the more reasons why they need to stay far away from centralized exchanges, the recent scam with FTX has been the major trending one on the media but we still have a number of investors that have not learnt their own lesson by staying pit to sone of these listed exchanges by OP, they major their tmattacks on newbies and there's no way this exchanges can prevent any of the set target against them when hackers want to strike, the solution is to avoid the risk with them.
sr. member
Activity: 1932
Merit: 442
Eloncoin.org - Mars, here we come!
[snip]
I think I gonna change my personal email again because this one seems not safe anymore. That's why we won't just loosely use our personal emails in some random giveaways or else this kind of bad thing happened.
Well always separate your valuable information from your social media activities, especially bounty hunting or airdrops.
But I personally don't click any of what I have received in my mail inbox especially if it is in the spam box which we always suspect of possibly phishing a link. I think no need to change your email address as long as you don't click any message that has unknown links. Just ignore it and nothing will happen to you, because for me --changing email even if it is disclosed is not easy to make another one.

Thank you, OP for the heads up.
hero member
Activity: 2268
Merit: 588
You own the pen
Most of these phishing links are sent to our emails and most of them are really tempting to click such as this one.




I think I gonna change my personal email again because this one seems not safe anymore. That's why we won't just loosely use our personal emails in some random giveaways or else this kind of bad thing happened.

legendary
Activity: 2758
Merit: 1228
When I sometimes look at my spam folder in email, it looks like Coinbase phishing spam never ends. I get similar emails at least few times every month. And I don't even use Coinbase for at least 5 years, my acciunt is already closed long time ago.
But as shown in your post, sometimes scammers is getting very smart and unfortunately some people have no idea about it and falling into these trap.

Phising links mostly goes on spam folders so we should avoid clicking anything especially if this one is very suspicious to us. Its easy to verify things if legit platform ask us to do something since we can just contact the support and ask about those situation for verification.

This schemes will never stop since everyday there are newbies come on industry and doesn't know what to do so I guess having this kind of discussion what OP written about phising is really helpful since somehow this will came out on google search and they could read what people discuss about this issue.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
The best thing when I read news like this is that I don't worry in the least that I will do something stupid and visit a phishing link for the simple reason that I can't do that because I don't have an account with any of those CEX. Even if I have, I learned a long time ago that I save legitimate links exclusively in browser bookmarks, and even then I check them before logging in to any website.

If you receive such an e-mail, the best thing you can do is to report such a post as spam, so the filters will recognize it and automatically redirect it to spam folders where most users will not even notice it.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
When I sometimes look at my spam folder in email, it looks like Coinbase phishing spam never ends. I get similar emails at least few times every month. And I don't even use Coinbase for at least 5 years, my acciunt is already closed long time ago.

Same experience with my older email accounts. Hence why I started having separate emails for specific purposes using custom email domain aliases. It can be really handy with organizing emails, and for potentially determining where specific scammers manage to find your email address.
legendary
Activity: 3234
Merit: 1375
Slava Ukraini!
When I sometimes look at my spam folder in email, it looks like Coinbase phishing spam never ends. I get similar emails at least few times every month. And I don't even use Coinbase for at least 5 years, my acciunt is already closed long time ago.
But as shown in your post, sometimes scammers is getting very smart and unfortunately some people have no idea about it and falling into these trap.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
Just a heads up for the readers: Though sometimes there are more phishing emails being sent out to the masses more than usual, expect phishing campaigns to not stop happening at all. Always think twice when clicking links from emails, and don't be lazy and always double check.
hero member
Activity: 1414
Merit: 542
A crypto phishing campaign is underway right now, and they target mostly, Coinbase, Crypto.com, and KuCoin.

Mode of attack is the usual phishing email campaign, as the cyber criminals will impersonate Coinbase like saying that your account has been suspended.



And once you click the link, you will go to the fake website, and when you enter your credentials, the criminals will steal it at run-time login to the real Coinbase. Of course, you won't suspect anything at the beginning, because the fake website will also asked for your 2FA and then again once you enter it, they will automatically enter that to the real Coinbase website and then steal your crypto.

But this scammers will take to the next level and will asked for more info like in a live chat support.

Quote
For good measure, after successfully harvesting their target’s login information and 2-Factor pin, the attacker will now collect more information from them manually. The phishing pages will display a message that you are locked out of this account, and need to resolve it with Customer Support. Once that has displayed, a chat box appears in the bottom right corner, where the attacker will engage the target in a conversation to “recover” additional personal information related to your account, including phone number, address, email, estimated account balance, etc.This will help them should they have difficulty, or require additional validation, while they are accessing the targets account on their system. This also enabled the attacker to be live chatting with the victim to keep them engaged and distracted while draining their funds.



https://pixmsecurity.com/blog/phish/coinbase-attacks-bypass-2fa/

Again, first rule of thumb is that we shouldn't click any link that we don't know where it came from. "Think before you click".

Common sense, used it, one of our best weapon against this impersonations.
Jump to: