Experts warn a new wallet-draining scam regarding Coinbase.
Coinbase’s “urgent” emails should be taken with a grain of salt.
PIXM researchers found an email campaign regarding wallet-draining scam from Coinbase.
Attackers impersonated Coinbase to steal account
credentials.
The email warns the Coinbase user that their account has a “urgent matter.”
Sometimes they must confirm a transaction or supply additional information to avoid account lockout.
Bypassing 2FA
Regardless of the email’s content, it always conveys
urgency and provides a link to log into the platform and fix
the problem regarding the account.
The URL links to a bogus Coinbase website and hence scam starts.
Now it’s progressed.
Most users have two-factor authentication enabled, therefore criminals bypassed it easily.
When a user enters their password, they’re sent to the real Coinbase site and asked for their 2FA code
The victim is sent to a site that claims “account suspended” and hence it offers “customer help.”
This is not Coinbase customer assistance, but rather the continuation of a wallet draining scam in which the attackers try to collect personal information from the victim.
- Samsung Galaxy S23 is a strong phone
Researchers want basic information like phone numbers, postal addresses, emails, and anticipated account balances.