Coinbase Users Face $300 Million in Annual Losses Due to Social Scams, Claims ZachXBT

ZachXBT Warns Coinbase Users Are Losing $300M Annually to Social Engineering Scams

Coinbase users have fallen victim to more than $65 million in social engineering attacks within just the last two months, with annual losses estimated to hit $300 million, according to crypto researcher ZachXBT in an X post on Monday.

ZachXBT noted that the actual amount lost could be even higher, as the reported figures do not account for unreported cases. Coinbase has yet to provide an official statement on the matter, but when asked, it directed attention to a blog post published on Monday that provides advice on spotting and avoiding scams.

The scams in question involve hackers using stolen personal information to send fake emails that closely mimic Coinbase’s official communications. These emails often contain fraudulent case IDs, urging users to transfer funds to scammer-controlled wallets.

“The attackers clone Coinbase’s website almost perfectly, using spoofed emails and panels to manipulate victims,” ZachXBT explained. “The primary groups behind these scams are hackers from the Com region and threat actors based in India, with U.S. customers being their main target.”

In his post, ZachXBT criticized Coinbase for suggesting that users stop using VPNs to avoid being flagged as suspicious. He pointed out that scammers are deliberately blocking VPN usage on phishing sites to bypass security measures.

To tackle these issues, ZachXBT urged Coinbase to improve its security protocols by making phone number input optional, introducing a restricted account type for new users, and enhancing community education on how to avoid falling victim to scams.