A wave of social engineering scams has led to Coinbase users losing at least $65 million between December 2024 and January 2025, according to on-chain investigator ZachXBT. He warns that the actual losses could be much higher, potentially exceeding $300 million annually if left unaddressed.
In a viral X thread, ZachXBT and Web3 security investigator tanuki42 compiled multiple reports from Coinbase users who had their funds stolen. Many victims believed they were interacting with legitimate Coinbase support when scammers tricked them into transferring funds. The fraudsters used spoofed phone numbers and cloned Coinbase websites to carry out the scams, exploiting the exchange’s security processes.
Fake Coinbase Support Drains Millions
Scammers posing as Coinbase support agents contacted victims, claiming their accounts were compromised. They followed up with a fake email that appeared to be from Coinbase, containing a fraudulent case ID. The email instructed users to transfer funds into a Coinbase Wallet for verification.
The provided link directed victims to a cloned version of Coinbase’s website, allowing scammers to manipulate the user experience in real time. Through Telegram channels, these criminals advertised phishing kits that could replicate Coinbase’s interface almost perfectly.
ZachXBT Criticizes Coinbase’s Response
Coinbase has denied systemic security issues, attributing the rise in fraudulent attempts to increased account activity following the U.S. election. “Our fraud-prevention systems are acting as expected and have saved customers tens of millions in losses in November alone,” Coinbase Support wrote.
However, ZachXBT refuted these claims, stating that Coinbase’s “aggressive risk models” have failed to prevent massive financial losses. He emphasized that most major exchanges do not suffer from similar large-scale phishing operations.
He further criticized Coinbase for not flagging scam-associated wallet addresses quickly enough, allowing stolen funds to be moved even after multiple reports. He also pointed out contradictions in the company’s security guidance: a Coinbase representative recently advised users against using VPNs to avoid being flagged as suspicious, yet scammers actively block VPN users from accessing phishing sites.
Calls for Immediate Security Enhancements
ZachXBT has urged Coinbase to take several key steps to curb these scams:
- Make phone numbers optional for users who enable multi-factor authentication through authenticator apps.
- Introduce a beginner-friendly account mode that disables withdrawals, reducing the risk for new or elderly users.
- Improve community outreach to educate users about security threats and prevention measures.
- Take legal action against scammers and data brokers enabling these large-scale fraud operations.
He warned that if Coinbase does not implement stronger protections, the exchange’s users could continue to lose hundreds of millions of dollars each year to social engineering attacks.
As the crypto industry grapples with increasing fraud risks, Coinbase faces mounting pressure to reinforce security measures and rebuild user trust.