Crypto’s Dark Side: Anatomy of a Near-Miss Scam Attempt

Another day, another crypto scam attempt—this one almost slipped through the cracks. Here’s how it went down.

The Bait: A too-good-to-be-true DeFi yield farm promising 500% APY (because sure, that’s sustainable).

The Hook: Urgent Telegram DMs pressuring quick action before the ’whale allocation’ closed—classic FOMO play.

The Tell: Contract address one character off from the legitimate project. Wallet drainer in disguise—rookie move, but effective if rushed.

Lesson? Always triple-check addresses. And maybe question why crypto’s ’innovation’ still revolves around separating fools from their money faster than traditional finance does.

Gmail initially (correctly) flagged this email as spam. I moved it to my inbox, where Gmail then showed me that the sender ([email protected]) was not the actual sender — the email arrived via learnindonesian.online. Even the info-coinbase.com part is sketchy — for one thing, Coinbase’s website is coinbase.com, though it does send emails from [email protected] — still, you wouldn’t expect a hyphen in a support email domain. For another, the info-coinbase domain was first created in November 2024 (according to an ICANN lookup) and isn’t a real website.

The email headers were also not super helpful in terms of providing any sort of identifying information, but they did confirm that the sender appeared to have tried to obfuscate their information.

Curiously, the "Visit Coinbase" LINK at the bottom appeared to link to the actual Coinbase website and there do not appear to be any hidden embedded images or other attached files in the email at all. I’m not totally sure what’s going on there. A real scammer could have embedded a virus of some sort into the email or even a tracking pixel. Another common tool scammers might use is putting in a phishing link in place of a legitimate one in an email, tricking the user into going to a website intended to steal their login information (this is not legal, technical or any other sort of advice; if you decide to try and scam somebody using information you gleaned from this newsletter, stop it).

While scammers might sometimes know how much their intended victims have in a wallet or account, the person who called me did not appear to have that information (as I have zero crypto in my Coinbase account).

I called the number back on Friday to see what might happen. No one picked up. I guess my account must be secure now.

• Stand With Crypto Removes Soulja Boy From NJ Governor Rally After Discovering Sexual Assault Fine: Stand With Crypto announced Soulja Boy and 070 Shake would headline a "get out the vote rally" next week ahead of New Jersey’s governor primary election. SWC removed Soulja Boy a day later after discovering he was found liable for sexual battery and assault charges and ordered to pay $4 million last month, in a case stemming from 2021.
• SEC Task Force Chief Says Crypto Traders Need to be Growups, Not Cry to Government: SEC Commissioner Hester Peirce told the Bitcoin 2025 Las Vegas audience that it’s fine to invest in speculative assets, especially if there’s no federal regulator with close oversight, but those investors can’t ask for a bailout when prices sink.
• U.S. House Republicans Officially Introduce Crypto Market Structure Bill: House Republicans have formally introduced the Digital Asset Market Clarity Act, its market structure bill, just weeks after circulating a discussion draft.
• Crypto Staking Doesn’t Violate U.S. Securities Law, SEC Says: The SEC’s latest staff statement looks at staking and how the securities regulator might evaluate that part of the crypto ecosystem.
• SEC Files to Dismiss Long-Running Lawsuit Against Binance: The SEC and Binance filed a joint stipulation to drop the regulator’s case against Binance.
• Suspects in Manhattan Crypto Kidnapping, Torture Case Plead Not Guilty as Investigation Widens: News broke over the weekend that a crypto investor had been kidnapped and tortured for his Bitcoin keys. Two suspects accused of perpetrating the kidnapping have been arrested and pled not guilty.
• Trump’s Memecoin Dinner Questioned by Top Democrat on House Judiciary Committee: Jamie Raskin, the top Democrat on the House Judiciary Committee, wrote a letter to U.S. President Donald Trump calling on him to publish the names of his guests at last week’s memecoin dinner.

Friday

• 15:00 UTC (11:00 a.m. ET) A federal judge held a telephone hearing to assess Roman Storm’s defense argument that the Department of Justice may have withheld information. The judge ruled that in her view, the DOJ did not have to review its materials and had not withheld information that rose to the level of affecting proceedings.

• (The Washington Post) The White House published a "Make America Healthy Again" report that cited nonexistent studies and references — with telltale signs that AI may have been used to generate at least some parts of the report.
• (The Federal Reserve) The Fed said 8% of adults who responded to a survey said they held cryptocurrency in the U.S., down from 12% four years ago.

If you’ve got thoughts or questions on what I should discuss next week or any other feedback you’d like to share, feel free to email me at [email protected] or find me on Bluesky @nikhileshde.bsky.social.

You can also join the group conversation on Telegram.

See ya’ll next week!