Share this article
Coinbase Users Are Losing $300M a Year to Social Scams, ZachXBT Says
ZachXBT advised Coinbase to enhance security by making phone number inputs optional, creating a restricted account type for new users and improving community education on scam prevention.
Updated Feb 4, 2025, 3:57 p.m. Published Feb 4, 2025, 3:19 p.m.
What to know:
- Coinbase users lost over $65 million to social engineering attacks in the past two months and an estimated $300 million lost to such attacks annually, according to crypto sleuth ZachXBT.
- Scammers utilize stolen personal data to deceive users by sending fake emails that mimic Coinbase's official communications, including false case IDs prompting users to transfer funds to scammer-controlled wallets, ZachXBT said.
Coinbase (COIN) users lost over $65 million to social engineering attacks in the past two months with an estimated $300 million lost to such attacks annually, crypto sleuth ZachXBT said in an X post Monday.
The actual figure lost might be higher, because the amount doesn't include unreported cases, ZachXBT said.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
Coinbase has not publicly commented on the matter. When asked for a comment, it highlighted a primer on identifying and avoiding social engineering scams posted to its blog on Monday.
Scammers utilize stolen personal data to deceive users by sending fake emails that mimic Coinbase's official communications, including false case IDs prompting users to transfer funds to scammer-controlled wallets, ZachXBT said.
“Scammers clone the Coinbase site nearly 1:1 and allow the scammers to send different prompts to the target via spoofed emails using panels,” he noted. “The two main groups conducting these scams are skids from the Com and threat actors located in India both primarily targeting US customers.”
Loading...
“A Coinbase employee told people on X to stop using VPNs to avoid being flagged as suspicious. Meanwhile, threat actors will explicitly block VPNs from phishing sites,” ZachXBT wrote in the now-viral post. “This shows Coinbase’s failure to diagnose the actual problem.”
ZachXBT advised Coinbase to enhance security by making phone number inputs optional, creating a restricted account type for new users, and improving community education on scam prevention.
UPDATE (Feb. 4, 15:57 UTC): Adds Coinbase's blog post on the topic in third paragraph.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Bitcoin slides with ether and XRP as market tests $3 trillion floor
BTC's weak tone contrasted with moderate gains in major Asian equity indices, which drew strength mostly from expectations of fiscal stimulus.
What to know:
- Crypto markets continued to decline, with overall capitalization falling below $3 trillion for the third time in a month.
- Large-cap assets, particularly those with ETF exposure, are experiencing selling pressure as institutional investors reassess risk.
- Bitcoin's decline contrasts with gains in major Asian equity indices, which are buoyed by expectations of fiscal stimulus from Beijing.
Top Stories
