Coinbase will not call customers to warn them that their accounts may have been compromised. It is a common scam vector. Even so, someone tried it to me.
You are reading State of Crypto, a Coendesk newsletter that analyzes the intersection of cryptocurrency and government. Click here to register in future editions.
The narrative
Last weekend, an unknown number of California called me. A useful gentleman informed me that my Coinbase account had been compromised during his recent data violation and that he was there to help me not lose my assets.
Oh no, horror!
Why does it matter
Very good, so obviously this is a scam. Just after hanging with this supposed agent of the aid table, I sent a text message to a coinbase spokesman to verify that at no time the exchange call A client to tell them that his account was compromised. It is scam 101: If you receive a phone call informing you that your account has been compromised, either in an exchange of cryptography, a bank, the IRS, whatever, is a scam. Do not share your personal data and do not provide any password if you receive a call like this.
There were some defects in the attempt to make me, presumably, transfer my funds from my supposedly committed coinbase account to another direction. But I hope this can be a useful teaching moment for the almost 70,000 people who have been affected by the recent dissemination of Coinbase breach, as well as any other person who receives a phone call that affirms that their information has been compromised. This is how this happened.
Break down
Let’s start from the beginning. On Saturday, May 24, I received a call from a number that did not recognize my personal phone, not in my public work number. Being a weekend, one in which I was actually visiting the family in another state, I did not pick up. Then, the same number called again and I still did not pick up (yes, I know, fascinating, but it is 2025 and you can leave a voice email or a text message).
Ten minutes later, I received a third call from a different number, which I picked up because at that time I was curious.
A gentleman who called himself Riccardo told me that he was part of the Department of Coinbase Shares and Protections and that he was contacting because the information of my Coinbase account had committed and that a new email had been added to my account.
I was quite confused, for reasons that I will enter next. But I was also intrigued because there were immediately four red flags. By simplicity, I will refer to the person who calls as “the agent” from now on, but to be absolutely clear, I doubt it is a real customer service agent, representative or other coinbase employee, and certainly did not contact me as an authorized representative of the exchange.
First, the phone call itself is a great red flag. Coinbase will never call a client for a rape, but will communicate with customers by email, he said previously on a tweet.
This is really standard. The Federal Trade Commission website indicates that there is a wide range of scams in which someone will call it, and many other companies have warnings that their employees will never proactively call a client about the account problems.
The agent with whom I spoke said they would freeze my account for 24 hours to make sure that funds could not be steal (thank you, I suppose?) And that a supervisor would contact me (I still wait for this supervisor to call). This supposed freezing in my account can be extended to three months if there are multiple attempts to login.
To conclude the call, he said he would send me an email summarizing all the details we had discussed. On Saturday night, I received an email with the subject line “your case is in review.”
The follow -up email This very useful customer service representative sent was extremely informative.
On the one hand, the email address they had associated with my account is a public address, but it is not the email address attached to my real coinbase account (to be fair, I forgot that part until I tried to find my login information a few days later).
Gmail initially (correctly) marked this email as spam. I transferred it to my entrance tray, where Gmail showed me that the sender ([email protected]) was not the real sender: the email arrived through Learnindonesian.online. Even the part of info-cobase.com is incomplete: for one thing, the coinbase website is coinbase.com, although it sends emails from [email protected], yet, it would not expect a script in a support email domain. For another, the domain of the information base was created for the first time in November 2024 (according to a search in ICANN) and is not a real website.
The email headings were not very useful in terms of providing any type of identification information, but confirmed that the sender seemed to have tried to obfuscate their information.
Interestingly, the “Visit Coinbase” link at the bottom seemed to link to the Real Coinbase website and there seems to be integrated hidden images or other attachments in the email. I am not totally sure of what is happening there. A real scammer could have embedded a virus of some kind in email or even a tracking pixel. Another common tool that scammers could use is to put in a phishing link instead of a legitimate one in an email, cheating the user to go to a website destined to steal their login information (this is not legal, technical or any other type of advice; if you decide to try to scam someone using the information you obtained from this informative newsletter, stop it).
While scammers can sometimes know how much their victims are planned in a wallet or account, the person who called me did not seem to have that information (since I have zero cryptography in my Coinbase account).
I called the number on Friday to see what could happen. No one picked up. I guess my account must be sure now.
- Stand with crypto eliminates Soulja Boy from NJ Government Rally after discovering the fine of sexual assault: Stand With Crypto announced Soulja Boy and 070 Shake would head a “voting rally” next week before the primary elections of New Jersey governor. SWC eliminated Soulja Boy one day after discovering that he was found responsible for sexual positions of aggression and aggression and was ordered to pay $ 4 million last month, in a case derived from 2021.
- The head of the SEC Task Force says that encryption merchants must be growing, not crying the government: The SEC Commissioner, Hester Peirce, told the Bitcoin 2025 Las Vegas audience that it is well to invest in speculative assets, especially if there is no federal regulator with nearby supervision, but those investors cannot ask for a rescue when prices sink.
- Republicans of the US House of Representatives. UU. Republicans of the House of Representatives have formally introduced the Clarity Law of the Digital Assets Market, their market structure bill, only weeks after circulating a discussion draft.
- Crypto Staking does not violate the United States Law of Securities, says Sec: The last statement of the SEC staff analyzes the rethinking and how the Securities Regulator could evaluate that part of the cryptographic ecosystem.
- SEC files to dismiss the long -term demand against Binance: The SEC and Binance presented a joint stipulation to eliminate the case of the regulator against Binance.
- Suspicious in the kidnapping of Manhattan cryptography, the case of torture declares itself innocent as the investigation expands: The news was learned during the weekend that a cryptographic investor had been kidnapped and tortured by his Bitcoin keys. Two suspects accused of perpetrating kidnapping have been arrested and not guilty.
- The Trump Memecoin dinner questioned by the Judicial Committee of the Democratic Top in the House of Representatives: Jamie Raskin, the main democrat in the Judicial Committee of the Chamber, wrote a letter to the president of the United States, Donald Trump, asking him to publish the names of his guests at Memecoin’s dinner last week.
Friday
- 15:00 UTC (11:00 AM ET) A federal judge held a telephone hearing to evaluate Roman Storm’s defense argument that the Department of Justice may have retained information. The judge ruled that, in his opinion, the Department of Justice did not have to review his materials and had not retained information that reached the level of the procedures that affect.
- (The Washington Post) The White House published a “Make America Healy Again” report that cited non -existent studies and references, with revealing signs that AI may have been used to generate at least some parts of the report.
- (The Federal Reserve) The Fed said that 8% of adults who responded to a survey said they had cryptocurrencies in the United States, compared to 12% four years ago.
If you have thoughts or questions about what I should discuss next week or any other comments you want to share, do not hesitate to send me an email to [email protected] or find myself at bluesky @nikhileshde.bsky.social.
You can also join the group conversation on Telegram.
Look, next week!
