Crypto’s Dark Side: Anatomy of a Near-Miss Scam Attempt

Another day, another grift—welcome to the Wild West of digital assets.

How to spot the wolves in DeFi clothing

The ’too-good-to-be-true’ rule applies double in crypto. When an ’ETH giveaway’ slides into your DMs or a ’support agent’ asks for your seed phrase, your spidey-sense should scream exit scam.

Why this keeps happening

Unregulated markets attract opportunists like Wall Street bankers to a taxpayer bailout. With $2.3B lost to DeFi hacks in 2024 alone (Chainalysis data), the attack vectors keep evolving—fake token approvals, spoofed wallets, even AI-generated voice clones of CEX execs.

The irony? Blockchain’s transparency makes forensic tracing possible... after the theft. Your best defense? Paranoid-level OpSec and remembering there are no free lunches—just like in traditional finance, but with fewer suits.

Gmail initially (correctly) flagged this email as spam. I moved it to my inbox, where Gmail then showed me that the sender ([email protected]) was not the actual sender — the email arrived via learnindonesian.online. Even the info-coinbase.com part is sketchy — for one thing, Coinbase’s website is coinbase.com, though it does send emails from [email protected] — still, you wouldn’t expect a hyphen in a support email domain. For another, the info-coinbase domain was first created in November 2024 (according to an ICANN lookup) and isn’t a real website.

The email headers were also not super helpful in terms of providing any sort of identifying information, but they did confirm that the sender appeared to have tried to obfuscate their information.

Curiously, the "Visit Coinbase" LINK at the bottom appeared to link to the actual Coinbase website and there do not appear to be any hidden embedded images or other attached files in the email at all. I’m not totally sure what’s going on there. A real scammer could have embedded a virus of some sort into the email or even a tracking pixel. Another common tool scammers might use is putting in a phishing link in place of a legitimate one in an email, tricking the user into going to a website intended to steal their login information (this is not legal, technical or any other sort of advice; if you decide to try and scam somebody using information you gleaned from this newsletter, stop it).

While scammers might sometimes know how much their intended victims have in a wallet or account, the person who called me did not appear to have that information (as I have zero crypto in my Coinbase account).

I called the number back on Friday to see what might happen. No one picked up. I guess my account must be secure now.

• Stand With Crypto Removes Soulja Boy From NJ Governor Rally After Discovering Sexual Assault Fine: Stand With Crypto announced Soulja Boy and 070 Shake would headline a "get out the vote rally" next week ahead of New Jersey’s governor primary election. SWC removed Soulja Boy a day later after discovering he was found liable for sexual battery and assault charges and ordered to pay $4 million last month, in a case stemming from 2021.
• SEC Task Force Chief Says Crypto Traders Need to be Growups, Not Cry to Government: SEC Commissioner Hester Peirce told the Bitcoin 2025 Las Vegas audience that it’s fine to invest in speculative assets, especially if there’s no federal regulator with close oversight, but those investors can’t ask for a bailout when prices sink.
• U.S. House Republicans Officially Introduce Crypto Market Structure Bill: House Republicans have formally introduced the Digital Asset Market Clarity Act, its market structure bill, just weeks after circulating a discussion draft.
• Crypto Staking Doesn’t Violate U.S. Securities Law, SEC Says: The SEC’s latest staff statement looks at staking and how the securities regulator might evaluate that part of the crypto ecosystem.
• SEC Files to Dismiss Long-Running Lawsuit Against Binance: The SEC and Binance filed a joint stipulation to drop the regulator’s case against Binance.
• Suspects in Manhattan Crypto Kidnapping, Torture Case Plead Not Guilty as Investigation Widens: News broke over the weekend that a crypto investor had been kidnapped and tortured for his Bitcoin keys. Two suspects accused of perpetrating the kidnapping have been arrested and pled not guilty.
• Trump’s Memecoin Dinner Questioned by Top Democrat on House Judiciary Committee: Jamie Raskin, the top Democrat on the House Judiciary Committee, wrote a letter to U.S. President Donald Trump calling on him to publish the names of his guests at last week’s memecoin dinner.

Friday

• 15:00 UTC (11:00 a.m. ET) A federal judge held a telephone hearing to assess Roman Storm’s defense argument that the Department of Justice may have withheld information. The judge ruled that in her view, the DOJ did not have to review its materials and had not withheld information that rose to the level of affecting proceedings.

• (The Washington Post) The White House published a "Make America Healthy Again" report that cited nonexistent studies and references — with telltale signs that AI may have been used to generate at least some parts of the report.
• (The Federal Reserve) The Fed said 8% of adults who responded to a survey said they held cryptocurrency in the U.S., down from 12% four years ago.

If you’ve got thoughts or questions on what I should discuss next week or any other feedback you’d like to share, feel free to email me at [email protected] or find me on Bluesky @nikhileshde.bsky.social.

You can also join the group conversation on Telegram.

See ya’ll next week!