In a shocking revelation, Coinbase users may have incurred losses exceeding $46 million due to a surge in suspected phishing scams over the last two weeks. As cryptocurrency prices rise, all eyes are on the surge in fraudulent activities targeting unsuspecting investors in the industry.
Scammers have employed various tactics, including address poisoning and wallet spoofing, to trick victims into sending cryptocurrencies to fraudulent wallet addresses that are often nearly identical to legitimate ones. Recently, blockchain investigator ZachXBT reported that multiple wallets linked to Coinbase have been compromised this month. A notable incident involved the alleged theft of 400 Bitcoin (BTC) from a single wallet, amounting to a staggering $34.9 million.
According to ZachXBT, the alarming trend indicates that in just two weeks, a total of over $46 million has been siphoned from Coinbase users. In a post shared on Telegram on March 28, he warned, “After uncovering this theft, I noticed multiple other suspected thefts from Coinbase users in the past two weeks bringing the total stolen this month to $46M+.”
In response to these claims, Jaclyn Sales, Director of Communications at Coinbase, stated that the exchange is investigating the matter. She reinforced that “Coinbase will never call you or ask for your login credentials, API key, or two-factor authentication codes.” Her message was clear: “If someone contacts you claiming to be from Coinbase and requests this information or asks you to transfer assets, do not do it. It is a scam.” This resonates with the ongoing battle against cybersecurity threats as scammers increasingly impersonate prominent brands.
Importantly, Coinbase topped the list of most impersonated brands in the crypto industry. However, brands like Meta have seen even more fraudulent activity, with scammers targeting them more than 25 times. As the third-largest centralized cryptocurrency exchange, Coinbase reported over $1.6 billion in daily trading volume, which makes it a prime target for scammers.
Coinbase has provided several recommendations for its users to enhance their security against these evolving threats:
- Utilize a dedicated email account for Coinbase transactions.
- Enable two-factor authentication for added security.
- Set up an address allowlist to restrict transactions to known addresses.
- Utilize the Coinbase Vault for safeguarding assets.
The exchange’s blog post from February underlines the importance of these protective measures. Furthermore, recent data revealed that over $65 million may have been stolen from Coinbase users between December 2024 and January 2025 due to advanced phishing schemes, with numbers likely understated as they rely on limited data sources.
One particularly concerning type of phishing scheme is known as pig butchering, a prolonged manipulation tactic that lures victims into willingly transferring their assets to fraudulent addresses. These schemes are notably prevalent on the Ethereum network. In 2024 alone, the industry suffered losses exceeding $5.5 billion due to such scams, according to research.
As the demand for security in the crypto world intensifies, it is crucial for users to remain vigilant and informed. With digital security threats continually evolving, ensuring that protective measures are in place could mean the difference between safeguarding investments and falling victim to significant financial losses.
