Cybersecurity experts have warned of an elaborate scam targeting customers of cryptocurrency exchange Coinbase.
Researchers at security firm PIXM recently uncovered an email campaign in which attackers masqueraded as Coinbase to trick people into handing over their account credentials.
In the emails, users were warned that their accounts needed attention due to “urgent matters.” Some messages asked recipients to confirm a transaction; others asked for additional information to prevent their account from being locked.
Bypass two-factor authentication
Regardless of their content, the emails always carry a strong sense of urgency and ostensibly provide users with a link where they can log into the platform and sort out the mess. However, the link leads to a fake webpage that looks almost identical to the real Coinbase website.
But this is where the scam gets more advanced. Most users have two-factor authentication enabled, so the crooks devised a workaround. When users enter their passwords, the passwords are forwarded to the actual Coinbase site, and the crooks then ask for a 2FA code as well.
To make matters worse, victims are redirected to a website that says “Account Suspended” and offers them the opportunity to speak with “customer support.” Again, this is not real Coinbase customer support, but a continuation of the scam, where attackers try to get as much personally identifiable information as possible from victims.
According to the researchers, the data the attackers currently hope to obtain includes phone numbers, postal addresses, emails and estimated account balances.