Cybersecurity experts have warned of a sophisticated scam targeting customers of cryptocurrency exchange Coinbase.
Researchers from security firm PIXM recently discovered an email campaign where attackers masquerade as Coinbase to trick people into handing over their account credentials.
In the email, the user is warned that their account needs attention due to an “urgent matter”. Sometimes they need to confirm a transaction and sometimes they need to provide additional information to prevent their account from being locked.
Bypass two-factor authentication
Regardless of the content of the email, they always carry a high dose of urgency and obviously, provide the user with a link where they can log into the platform and sort out the mess. However, the link leads to a fake website that looks almost identical to the real Coinbase site.
But this is where it really develops. Most users have two-factor authentication enabled, so fraudsters have devised a way around it. When a user enters their codes, they are relayed to the real Coinbase website, and then the scammers ask for the 2FA code as well.
To make matters worse, the victim is redirected to a website that says “the account has been suspended” and offers them the opportunity to speak to “customer support.” Again, this is not actual Coinbase customer support, but rather a continuation of the scam, where the attackers try to get as much personal information about the victim as possible.
The data they want to get at this point, according to researchers, includes phone numbers, mailing addresses, emails and estimated account balances.
- Get physical for enhanced protection with the best security key (opens in new tab) options today
