Emily Walker
Coinbase is under scrutiny following revelations from crypto investigator ZachXBT about a significant social engineering scam that cost users around $300 million.
Scammers typically pose as Coinbase support agents to entice users into sharing critical details like private keys and login credentials. ZachXBT’s investigation sheds light on the severity of the security breach, indicating a growing threat within the cryptocurrency sector.
1/ Over the past few months I imagine you have seen many Coinbase users complain on X about their accounts suddenly being restricted.
This is the result of aggressive risk models and Coinbase’s failure to stop its users losing $300M+ per year to social engineering scams. pic.twitter.com/PjtX7vmjqc
— ZachXBT (@zachxbt) February 3, 2025
ZachXBT Reveals the Extent of Social Engineering Scams
Social engineering scams have existed in the crypto landscape for some time. However, ZachXBT’s findings illustrate that perpetrators are utilizing sophisticated methods to mislead Coinbase users. They impersonate genuine support personnel to extract critical account details.
Numerous users have fallen victim to these tactics. Despite Coinbase’s implemented security measures, this incident showcases how easily users can be deceived without adequate knowledge of potential threats.
3/ Let’s walk through how these Coinbase social engineering scams work.
A victim reached out to me last month after losing ~$850K.
Graphing out this theft lead to a consolidation address with 25+ other victims tied to ‘coinbase-hold.eth’.
Theft address… pic.twitter.com/y8dRxwlOO6
— ZachXBT (@zachxbt) February 3, 2025
The $300 Million Scam: An Eye-Opening Overview
The scale of this fraud is concerning. A staggering $300 million in losses stemmed from social engineering schemes targeting users. Scammers are skilled at exploiting the trust users have in well-known crypto platforms like Coinbase.
Reports indicate Coinbase users have lost at least $65 million to scams between December 2024 and January 2025 alone. This figure does not include police reports and support inquiries that ZachXBT could not access.
With such significant losses and no clear resolution in sight, there is an urgent need for increased vigilance to prevent further incidents.
Coinbase’s Approach to Tackling Rising Threats and Enhancing Security
While Coinbase has yet to reveal how it will address the $300 million fraud, the platform has a history of prioritizing consumer safety through timely security enhancements.
Given the enormity of the losses, it is evident that Coinbase must evolve its security protocols to stave off future incidents. Increasing user awareness about recognizing social engineering scams will be pivotal in these efforts.
In the meantime, users can enhance their safety by enabling two-factor authentication and adopting a cautious approach to unsolicited messages, recognizing them as potential fraud attempts.
ZachXBT’s expose emphasizes the necessity of community involvement in combating scams. Both users and platforms must remain proactive to safeguard their finances as risks in the cryptocurrency realm escalate. The $300 million loss underscores the critical importance of robust security measures in the crypto industry.
Featured image from PYMNTS, chart from TradingView