In the past week, fraudsters have stolen $45 million from Coinbase users through social engineering tactics, reported on-chain investigator ZachXBT.
“Over several months, I have documented thefts amounting to hundreds of millions of dollars. No other major crypto exchange has similar vulnerabilities,” stated the expert.
According to ZachXBT on February 3, this is part of a systematic issue at Coinbase: since the beginning of the year, scam victims have lost over $300 million.
1/ Over the past few months I imagine you have seen many Coinbase users complain on X about their accounts suddenly being restricted.
This is the result of aggressive risk models and Coinbase’s failure to stop its users losing $300M+ per year to social engineering scams. pic.twitter.com/PjtX7vmjqc
— ZachXBT (@zachxbt) February 3, 2025
The attack method remains unchanged: fraudsters pose as support staff, coercing victims to hand over account access or transfer funds to external wallets.
Coinbase’s Chief Security Officer, Philip Martin, called for the creation of a unified registry to track scams. In his view, this would simplify threat analysis and user protection.
“This will help direct the resources of the entire federal government towards more active measures to eliminate some of the root causes,” added Martin.
Back in March, users reported phishing emails. Fraudsters, posing as Coinbase, offered to move assets to new wallets using pre-generated seed phrases.