{"id":22129,"date":"2025-03-17T12:42:34","date_gmt":"2025-03-17T10:42:34","guid":{"rendered":"https:\/\/forklog.com\/en\/phishing-emails-impersonate-coinbase-and-gemini-users-warned\/"},"modified":"2025-03-17T12:42:34","modified_gmt":"2025-03-17T10:42:34","slug":"phishing-emails-impersonate-coinbase-and-gemini-users-warned","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/phishing-emails-impersonate-coinbase-and-gemini-users-warned\/","title":{"rendered":"Phishing Emails Impersonate Coinbase and Gemini, Users Warned"},"content":{"rendered":"<p>Reports have emerged on X about a new phishing attack. Fraudsters, posing as representatives of the exchanges Coinbase and Gemini, are urging users to transfer their assets to new wallets using pre-generated seed phrases.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Looks like massive phishing scams ongoing. Got two emails targeting <a href=\"https:\/\/twitter.com\/coinbase?ref_src=twsrc%5Etfw\">@coinbase<\/a> and <a href=\"https:\/\/twitter.com\/Gemini?ref_src=twsrc%5Etfw\">@Gemini<\/a> users.<\/p>\n<p>Everyone be safe! <a href=\"https:\/\/t.co\/ceP1jqWQ1Z\">pic.twitter.com\/ceP1jqWQ1Z<\/a><\/p>\n<p>\u2014 Sukesh Tedla (@sukeshtedla) <a href=\"https:\/\/twitter.com\/sukeshtedla\/status\/1900610709240901829?ref_src=twsrc%5Etfw\">March 14, 2025<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The phishing emails claim that Coinbase has allegedly been required to ensure self-custody of assets due to legal proceedings. Clients are offered a step-by-step guide to creating a new wallet via the Coinbase Wallet app, with a deadline to complete the process by April 1.<\/p>\n<p>However, the email contains a pre-prepared seed phrase. If a user transfers funds to such a wallet, the scammers gain full access and can withdraw all assets.<\/p>\n<p>Coinbase has confirmed awareness of the fraudulent campaign and reminded users that it does not send recovery phrases.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Reminder: Beware of recovery phrase scams.<\/p>\n<p>We&#8217;re aware of new phishing emails going around pretending to be Coinbase and Coinbase Wallet.<\/p>\n<p>We will never send you a recovery phrase, and you should never enter a recovery phrase given to you by someone else. <a href=\"https:\/\/t.co\/E9Us5jNS4C\">pic.twitter.com\/E9Us5jNS4C<\/a><\/p>\n<p>\u2014 Coinbase Support (@CoinbaseSupport) <a href=\"https:\/\/twitter.com\/CoinbaseSupport\/status\/1900632373651210421?ref_src=twsrc%5Etfw\">March 14, 2025<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The platform&#8217;s support reminded users to &#8220;never enter seed phrases received from third parties.&#8221;<\/p>\n<p>Similar phishing emails are being distributed in the name of the crypto exchange Gemini. In this case, scammers also refer to a fictitious court decision to persuade users to create new wallets.<\/p>\n<p>Earlier, on March 12, a user <a href=\"https:\/\/forklog.com\/en\/news\/trader-loses-1-82-million-in-phishing-scam\">fell victim to phishing<\/a> and lost 1.82 million Compound USDC.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Reports have emerged on X about a new phishing attack. Fraudsters, posing as representatives of the exchanges Coinbase and Gemini, are urging users to transfer their assets to new wallets using pre-generated seed phrases. Looks like massive phishing scams ongoing. Got two emails targeting @coinbase and @Gemini users. Everyone be safe! pic.twitter.com\/ceP1jqWQ1Z \u2014 Sukesh Tedla [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":22128,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[138,44,719],"class_list":["post-22129","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-coinbase","tag-cybercrime","tag-gemini"],"aioseo_notices":[],"amp_enabled":true,"views":"28","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/22129","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=22129"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/22129\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/22128"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=22129"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=22129"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=22129"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}