Beware: Scammers Now Hitting Coinbase Users With Alarmingly Convincing Phishing Calls
Phishers have leveled up—and your Coinbase account might be their next target.
Attackers are now deploying high-stakes social engineering, spoofing legitimate Coinbase support numbers to drain wallets. No brute-force hacks needed—just smooth talkers exploiting trust in the platform's brand.
How the scam works
Victims report calls from 'Coinbase security' urging immediate action to 'prevent account lockout.' Attackers mirror call center workflows, even providing fake case IDs. Classic urgency play—but with institutional-grade polish.
Why this matters
Unlike crude email scams, these voice attacks bypass 2FA and behavioral security layers. When the caller ID shows 'Coinbase' and the rep knows your transaction history? Even crypto OGs get rattled.
The irony? These scams flourish precisely because centralized exchanges spent years convincing users they're the 'safe' option. Now that branding is being weaponized against their own customers.
Stay paranoid out there—the sharks smell blood in the water.
A New Phishing Technique Targeting Coinbase Users
Various crypto scams are at an epidemic level right now, and new theft tactics are surfacing every day. Sophisticated phishing attacks have focused on Coinbase users since last year, and the trend is only increasing.
Steve (@tripiville), a TikTok user, recently went viral for describing a new phishing attack:
“It was a California number. An American voice, fluent English. He said, ‘This is Coinbase. There’s been an alert on your account—a request to change your email and phone number.’ He told me I’d receive a link. I checked the sender, and it was from Coinbase.com,” the user said.
The user first received a voicemail from what sounded like an automated Coinbase message, warning of suspicious activity. Then came a phone call. The caller claimed someone had tried to access the user’s email through Coinbase’s live chat support.
This scam stands out for its sophistication. It’s a phishing attempt disguised as a warning about phishing—tricking users into trusting the call by pretending to protect them.
It taps into a powerful psychological trigger — fear. Even if a user suspects the call might be fake, they feel compelled to respond—because the message is about a possible threat to their account.
“The phishing LINK showed a pop-up that allowed me to disconnect my third-party wallets, and it even had the metamask logo. It prompted me to input my passkey, which I understood that I should not do,” said Steve.
Impersonating Coinbase Support has been a particularly common phishing tactic. Coinbase is one of the world’s largest exchanges, and its “beginner-friendly” reputation may encourage predators to attack its clientele.
Moreover, the platform suffered a major insider leak in May, exposing troves of sensitive user data.
It seems that compromised data played a key role in this new Coinbase phishing scam. The hackers told Steve that they had his name, email, phone number, and other personally-identifying information to build trust.
Although the potential victim expressed skepticism from the beginning, the apparent use of a genuine Coinbase email kept him on the hook.
Last month, hackers exposed a method to compromise Trezor’s support emails, sending malware-filled messages through the company’s official channels.
Ultimately, despite the Coinbase impersonators’ sophisticated techniques, the phishing attempt did not work because the target was well aware of the security aspects involving digital assets.
However, such tactics could potentially harm those who are new to crypto.
Crypto criminals are looking for easy targets, not to maintain a long-term facade. If a user ends a call with genuine Customer Support agents, waits a few minutes, and calls again, they could easily speak with another employee.
A scammer, however, might write this customer off as a waste of time.
