Crypto Scams Exposed: How Hackers Stole $65M from Coinbase Users

In the Web3 industry, it is essential to stay vigilant, carefully verify all details, and dig deep into what is happening. The world of digital assets is developing rapidly, but with this growth come new threats that demand increased user attention. Today, Coinmooner wants to share one such story, where an online investigator uncovered interesting and alarming facts about fraudulent schemes targeting customers of the largest cryptocurrency exchange, Coinbase.

Recently, a well-known crypto detective under the pseudonym ZachXBT reported shocking losses suffered by Coinbase users who fell victim to a sophisticated scam. According to him, from December 2024 to January 2025, criminals stole over $65 million using social engineering techniques. These attacks psychologically manipulate victims, tricking them into willingly giving fraudsters access to their assets. However, ZachXBT believes that the reported amount is far from final—many victims have not contacted Coinbase support or the police, meaning the actual scale of damage could be much higher.

Through a detailed analysis of these fraudulent activities, the investigator revealed how criminals executed their schemes. One of the most common methods involved using stolen personal data from private databases to craft convincing fake messages. For example, scammers sent victims fake emails pretending to be from Coinbase, warning them about multiple suspicious login attempts on their accounts. The email contained a fake case ID and a request to transfer funds to Coinbase Wallet while adding a scammer-specified address to the whitelist. Many users, panicked by the message, followed these instructions without realizing they were sending money to criminals.

Additionally, ZachXBT described how fraudsters create nearly identical copies of Coinbase’s official website to deceive users. These fake sites look just like the real ones, and malicious links to them are spread through phishing emails and even search engine ads. The investigation also highlighted that scammers actively use Telegram channels to sell tools for such attacks and coordinate their actions with other cybercriminals.

Fraud in the Crypto World: Lessons from the Latest Coinbase Scam

According to ZachXBT’s estimates, the annual damage from such fraud schemes exceeds $300 million, indicating a massive problem. He strongly criticized Coinbase for its inadequate response to these threats and lack of action against scammers. He noted that other leading crypto exchanges do not experience as many impersonation cases, suggesting weaknesses in Coinbase’s security system. What is particularly concerning, according to ZachXBT, is that the exchange does not always promptly report identified fraudulent addresses, allowing criminals to operate for weeks or even months.

According to the investigator, another worrying issue is that some Coinbase employees provide users with misleading advice. For instance, a company representative on an unnamed platform advised users not to use a VPN to avoid suspicion. However, ZachXBT pointed out that real scammers block access to their phishing sites from VPN connections, highlighting a lack of understanding of the problem by Coinbase representatives.

Referring to a report by The Block, ZachXBT urged Coinbase’s leadership to take immediate steps to enhance user protection against social engineering attacks. As possible solutions, he suggested implementing additional security measures, including removing the mandatory phone number requirement for users who have already completed KYC verification, creating a special account type for beginners with withdrawal limitations, and increasing collaboration with the crypto community to raise awareness about these threats.

In conclusion, Coinmooner wants to remind readers that security in the Web3 industry is not just a convenience but a necessity. Modern fraud schemes are becoming increasingly sophisticated, and the only way to protect your assets is to use advanced security measures. We strongly recommend following cybersecurity best practices, carefully verifying incoming messages, and never clicking on suspicious links. Remember: your financial well-being depends primarily on your awareness and caution!