Update (July 7 at 9:33 PM UTC): This article has been updated to include Coinbase's response.
Coinbase’s users have been turning to Twitter to report scams and phishing attacks involving the company’s services and applications in recent weeks, including claims that scammers are using the crypto exchange’s domain name.
The most recent case was disclosed on July 7 by a Twitter user identified as Daniel Mason, who allegedly received texts and emails from scammers with links under the domain Coinbase.com.
The fraudster contacted Mason using a real phone number, then triggered an email from a Coinbase.com domain, followed by a phishing text message directing him to a Coinbase subdomain URL, before verifying Mason’s address, social security number and driver's license number.
I founded an identity / security company. I'm currently building an auth company. But my Coinbase account *almost* got phished.This is the (2nd) most legit fraud attack I've ever experienced personally. Wild story below.
As Mason notes, the scammer was well-spoken and a native English speaker. The fraudster reportedly said during a phone call that Mason would receive an email from Coinbase regarding an alleged breach of his account. Immediately, an email arrived from help@coinbase.com. “Did he create a case on my behalf? Or access Coinbase mail servers?" Mason commented on Twitter.
Mason’s experience is one of many on the social media platform reporting security incidents involving the crypto exchange. A brief look at Coinbase’s support page shows users complaining about several types of scams, including phishing on Coinbase Wallet and criminals using the company’s web address.
Cointelegraph spoke with a victim of a similar approach. The individual, who
Read more on cointelegraph.com