Hedge funds cut NFLX, keep big bets on MSFT, AMZN, add NVDA
Onchain investigator known as ZachXBT reported that users of the cryptocurrency exchange Coinbase (NASDAQ:COIN) have lost over $65 million due to social engineering scams between December 2024 and January 2025.
ZachXBT highlighted that this figure might be significantly underestimated since it doesn’t include unreported cases to Coinbase support or the police.
In a detailed examination of these fraudulent activities, ZachXBT revealed how scammers employed stolen personal data from private databases to execute their schemes. One such method involved sending a victim a counterfeit email, which appeared to be from Coinbase, alerting them of multiple unauthorized login attempts. The fraudulent communication included a bogus case ID and directed the victim to move funds to a Coinbase Wallet and whitelist a certain address.
ZachXBT also described how scammers create nearly identical replicas of the Coinbase website, enabling them to send deceptive prompts to targets through spoofed emails. Additionally, he mentioned the existence of multiple Telegram channels where scammers promote and sell these fake panels.
The onchain sleuth estimated that the annual losses from such scams exceed $300 million and criticized Coinbase for not adequately addressing the issue. According to ZachXBT, other major exchanges do not face similar issues with fraudulent panels created by scammers.
Furthermore, ZachXBT claimed that Coinbase often fails to report scammers’ addresses, allowing thefts to continue for weeks. He shared that a Coinbase employee had advised users on an unspecified platform to avoid using VPNs to prevent being flagged as suspicious. However, ZachXBT pointed out that threat actors typically block VPNs on phishing sites, indicating a misdiagnosis of the problem by Coinbase.
According to The Block, ZachXBT called on Coinbase’s leadership to take urgent action to combat social engineering scams. He suggested several measures, such as making phone number input optional for KYC-verified users, introducing a beginner account type with restricted withdrawals, and enhancing community outreach to better protect users from these types of attacks.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.