Crypto Trader Exposes Sophisticated Coinbase Phishing Scam

Jacob Canfield, a cryptocurrency trader, revealed a complex phishing scam aimed at Coinbase users.
The scam showcased advanced social engineering, mimicking Coinbase’s authentic customer support.
Canfield urged users to exercise caution and take additional security precautions with their accounts.

Jacob Canfield, a renowned cryptocurrency trader, recently revealed on Twitter that he was targeted by an intricate scam related to the crypto exchange Coinbase. Canfield claimed to have been a victim of the scam, which he described as one of the “most complex scams” in crypto he has ever encountered.

Holy shit.
I just got attacked with one of the most complex scams in #crypto that I have seen to date.
Please read if you use @coinbase.
This just happened 15 minutes ago.
THIS IS A WARNING FOR ALL COINBASE USERS!
There has been some sort of a data breach.
First, I… pic.twitter.com/aOVWLpAtY4
— Jacob Canfield (@JacobCanfield) June 13, 2023

According to Canfield’s tweets, the scam starts with the user receiving a text message stating that their Coinbase two-factor authentication (2FA) has been changed. This is followed by three calls from a San Francisco number, purporting to be from Coinbase’s customer support, asking if the user had requested an email and 2FA change and if they were traveling outside the US.

The scammer then transfers the user to the ‘security’ team, who requests a ‘verification code’ that has been emailed to the user’s personal email to avoid a 48-hour suspension. The scammer’s tactics were so sophisticated that Canfield noted they “sounded incredibly American.”

The scam’s complexity lies in its use of a verification code that appears to be the actual 2FA of the user, sent from an email that appears to be from Coinbase. Canfield speculated that the scammers were either logging into his account or were already logged in and attempting to request a withdrawal while on the phone with him.

Notably, the email from which the code was sent appeared to originate from Amazon’s email provider, indicating that the scammers may be exploiting a vanity email address to mislead users. While Canfield was able to change his Coinbase password and 2FA after realizing it was a scam, he expressed concern that many people could fall victim to this swindle.

Cryptocurrency investigator zachXBT also responded to Canfield’s tweet, highlighting that a similar scam targeted another individual in the community last year. He suggested that the scammers might be exploiting a social engineering technique, which involves manipulating people into divulging confidential information.

Source: https://coinedition.com/crypto-trader-exposes-sophisticated-coinbase-phishing-scam/