top of page

Coinbase Users Face Unprecedented $300M Loss to Social Engineering Scams

Writer's picture: Blockonome GnomeBlockonome Gnome

Cybercriminals exploit vulnerabilities in security measures, leading to massive thefts.


Coinbase Users Face Unprecedented $300M Loss to Social Engineering Scams

A recent investigation has revealed that Coinbase users are collectively losing more than $300 million annually to highly sophisticated social engineering scams. On-chain investigator ZachXBT, collaborating with researcher Tanuki42, uncovered shocking data showing that scammers stole at least $65 million in just two months—between December 2024 and January 2025 alone.


The investigation identified two major criminal groups behind these fraudulent schemes. One consists of members from a group known as ‘The Com,’ while the other comprises cybercriminals based in India who primarily target U.S. customers.


Scammers execute their fraud through a well-rehearsed method that begins with contacting victims using spoofed phone numbers. These criminals obtain personal information from private databases to build credibility, then falsely alert users about unauthorized login attempts on their Coinbase accounts.


Following the initial deception, victims receive fraudulent emails impersonating Coinbase. These messages include fabricated case ID numbers to make the interaction appear legitimate. The scammers then manipulate victims into taking steps that ultimately grant them access to the users’ funds.


One particularly devastating case documented in the report involved a single victim losing approximately $850,000. Investigators traced the stolen assets to a consolidation address labeled “coinbase-hold.eth,” which was linked to over 25 other victims.


The scammers have developed a robust infrastructure to support their operations. They utilize phishing panels advertised on Telegram and create clone websites that mimic Coinbase’s official platform. These fake sites are designed to prevent access through VPNs—an ironic contradiction to Coinbase’s security recommendations.


The report also highlighted underlying security concerns at Coinbase. These include the misuse of old API keys for tax software and a vulnerability that allows verification codes to be sent to any email address, regardless of its connection to the user’s account.


Coinbase Commerce itself suffered a $15.9 million theft in 2023, yet many stolen funds remain unflagged in compliance tools even weeks after the scams occur, making recovery nearly impossible for victims.

Compounding these security issues is the company’s inadequate customer support. Victims have reported severe difficulties in reaching Coinbase representatives, particularly outside U.S. business hours, further exacerbating their struggles in recovering lost funds.


The scale of these attacks is staggering, especially when compared to other major cryptocurrency exchanges. The investigation revealed that competing platforms such as Kraken, OKX, and Binance have not faced similar levels of social engineering fraud, raising questions about Coinbase’s security practices.


Between 2023 and 2024, blockchain analysis firm Chainalysis reported that social engineering scams accounted for $4.6 billion in stolen cryptocurrency worldwide. The fact that Coinbase-specific losses represent a significant portion of this figure underscores the urgent need for reform.


ZachXBT’s report suggested several preventative measures Coinbase could implement. Among these recommendations are allowing users to opt out of phone-based authentication in favor of security keys, creating a special account type with enhanced protections for new or elderly users, and strengthening community education on security best practices.


Other proposed improvements include establishing a dedicated incident response team, actively flagging addresses associated with theft, and blocking known phishing domains. Additionally, increasing engagement through educational blog posts about fund recovery could help users better protect themselves.


While the report acknowledged positive aspects of Coinbase’s operations—such as its work on the Base blockchain, asset recovery tools, and legal advocacy against regulatory overreach—it emphasized that these advantages are overshadowed by ongoing security vulnerabilities.


With scams continuing to drain tens of millions of dollars each month, the urgency for Coinbase to implement stronger security measures has never been greater. The $65 million stolen in December 2024 and January 2025 may only be the tip of the iceberg, as the investigation excluded data from Coinbase support tickets and law enforcement reports.


photo source / Blockonome


Comments


Top Stories

Thanks for subscribing!

© 2024 by Blockonome. 

Bring global cryptocurrency news straight to your inbox. Sign up for our monthly newsletter.

  • X
  • LinkedIn
  • TikTok
  • Instagram
  • Facebook

Blockonome's content is meant to be informational in nature and should not be interpreted as investment advice. Trading, buying or selling cryptocurrencies should be considered a high-risk investment and every reader is advised to do their own research before making any decisions.

bottom of page