In March 2025, Coinbase users experienced significant financial losses, with over $46 million reportedly stolen in a series of sophisticated phishing attacks.
The surge in cryptocurrency prices has attracted cybercriminals, exploiting weaknesses in security systems to deceive unsuspecting victims.
Phishing Tactics Take Center Stage
ZachXBT, a blockchain investigator, uncovered the scale of the scams, revealing that cybercriminals used techniques like address poisoning and wallet spoofing to create fraudulent wallet addresses nearly identical to legitimate ones. These deceptive tactics tricked users into unknowingly transferring their digital assets into the wrong hands.
One of the most significant cases occurred when scammers managed to steal 400 Bitcoin—worth roughly $34.9 million—from a single Coinbase wallet. ZachXBT’s investigation found multiple similar incidents, totaling an estimated $46 million in losses this month alone.
Coinbase’s Official Response and Warning
In response, Jaclyn Sales, Coinbase’s Director of Communications, assured users that the company is actively investigating the situation. She reiterated Coinbase’s policy, warning that the company would never contact users to request login credentials, API keys, or fund transfers. Any communication asking for this kind of information is a scam and should be ignored.
Reports indicate that Coinbase is one of the most impersonated brands in the crypto space, with scammers using trusted names to trick users. A June 2024 report highlighted that Meta was targeted more than 25 times the amount of Coinbase in phishing attempts, though the exchange remains a frequent target for these scams.
To help mitigate the risk of falling victim to these types of scams, Coinbase recommends a few key security measures:
Firstly, it’s recommended to use a dedicated email address exclusively for cryptocurrency transactions. This helps ensure that your crypto-related communications are separated from other emails, reducing the risk of phishing.
Next, enable two-factor authentication (2FA) on all your accounts. This adds an additional layer of protection by requiring a second form of identification (like a code sent to your phone) before granting access.
Additionally, setting up an address allowlist can greatly improve security. By doing this, you ensure that withdrawals can only be made to approved addresses, minimizing the chances of unauthorized transactions.
Lastly, consider storing your assets in Coinbase Vault. This feature offers an extra level of security by requiring multiple approvals for withdrawals, making it harder for unauthorized users to access your funds.
These steps can help safeguard your crypto holdings and provide more peace of mind while managing your assets.
Kosta Gushterov
Reporter at Coindoo
Kosta has been a part of the team since 2021 and has solidified his position with a thirst for knowledge, incredible dedication to his work and a “detective-like” mindset. He not only covers a wide range of trending topics, he also creates reviews, PR articles and educational content. His work has also been referenced by other news outlets.
Source: https://coindoo.com/coinbase-users-suffered-46-million-loss-from-phishing-scams-in-march-2025/