Cybersecurity experts have warned of an elaborate scam targeting customers of the Coinbase cryptocurrency exchange.
Researchers at security firm PIXM recently uncovered an email campaign in which attackers impersonate Coinbase to trick people into handing over their account credentials.
In the email, the user is warned that their account requires special attention due to an "urgent matter". Sometimes they need to confirm a transaction, and sometimes they need to provide additional information to prevent their account from being locked.
Bypass two-factor authentication
Regardless of the content of the email, they always carry a heavy dose of urgency and of course provide the user with a link where they can log into the platform and fix the problem. However, the link leads to a fake web page that looks almost identical to the real Coinbase site.
But this is where it gets really advanced. Most users have two-factor authentication enabled, so scammers have found a way around this problem. When a user enters their passwords, they are forwarded to the real Coinbase site and then the scammers ask for the 2FA code as well.
To make matters worse, the victim is redirected to a site that says "account suspended" and offers them a chance to speak to "customer support." Again, this is not about actual Coinbase customer support, but rather about the hunt for the scam, where the attackers try to get as much personally identifiable information about the victim as possible.
The data they seek to obtain at this stage, according to the researchers, includes phone numbers, postal addresses, emails and estimated account balance.
- Get physical protection for stronger protection with the best security key picks (opens in a new tab) today