In the ever-evolving world of cryptocurrency, security remains one of the most pressing concerns for users and exchanges alike. Recently, an investigative report by on-chain analyst ZachXBT highlighted a disturbing trend: Coinbase users are reportedly losing over $300 million annually due to social engineering scams. This staggering figure raises alarm bells about the security protocols implemented by one of the most popular cryptocurrency exchanges and hints at systemic issues that may be contributing to the substantial losses endured by its users.
The investigation conducted by ZachXBT, along with collaborator Tanuki42, scrutinized user withdrawals and direct messages from victims to ascertain the depth of financial crimes linked to Coinbase. Their findings revealed that a minimum of $65 million was siphoned off through scams in the brief span from December 2024 to January 2025. However, experts caution that this number could be significantly underestimated, as it fails to encompass instances reported to Coinbase support or law enforcement agencies. Notably, one victim reported a staggering loss of around $850,000. The stolen funds were traced back to a consolidation address associated with more than 25 victims, raising questions about how effectively such high-stakes fraudulent activity is monitored and mitigated by Coinbase.
The modus operandi of these scams is disturbingly intricate. Attackers typically leverage spoofed phone numbers to contact victims, presenting themselves as authoritative figures and utilizing personal data obtained through nefarious means to build trust. Victims are misled into believing their accounts are compromised; subsequently, they receive fraudulent emails apparently from Coinbase that instruct them to transfer funds to an alternate wallet under the pretense of securing their assets. Such deceptive practices are exacerbated by meticulously designed phishing sites, some of which are actively marketed on platforms like Telegram.
ZachXBT’s investigation identified two primary groups involved in perpetrating these scams. Members of a group dubbed ‘The Com’ and indiscriminate cybercriminals operating from India are particularly adept at targeting US customers. This geographic focus reflects a sophisticated understanding of market vulnerabilities and an alarming specificity in targeting methods. Moreover, within the framework of their findings, the report outlined an inconsistency in Coinbase’s security recommendations, noting that while employees discourage users from employing VPNs, scammers can easily manipulate access to their phishing domains to evade detection.
The implications of these scams are profound. A report from Chainalysis estimated that social engineering attacks could have netted scammers an astonishing $4.6 billion between 2023 and 2024. The growling inadequacies in Coinbase’s response to these challenges have called into question the exchange’s reliability. Multiple incidents, including hacks linked to outdated API keys and vulnerabilities that enabled the distribution of verification codes to unauthorized emails, signify deeper structural flaws within Coinbase’s security framework.
Victims of these scams often face significant hurdles in reaching Coinbase’s customer support services, especially during non-business hours in the U.S. This latency in support has been cited as a key factor in exacerbating user frustrations and amplifying the financial impact of these fraudulent activities. Comparatively, rival exchanges like Kraken, OKX, and Binance appear to be effectively circumventing similar issues, prompting inquiries into the efficacy of Coinbase’s current security protocols.
To address these escalating concerns, the investigative report proposed several considerate measures Coinbase might adopt. Suggestions ranged from providing optional phone number input for advanced users to creating designated account types for beginners or elderly users with withdrawal restrictions. Enhanced customer support and active community engagement through public fund recovery strategies could serve to restore some level of confidence among users.
While the report does acknowledge Coinbase’s strengths—stablecoin on/off-ramps, the burgeoning Base blockchain, and custody solutions—it underscores that substantial gaps remain in terms of user protection. With monthly losses reportedly reaching tens of millions, the pressure is mounting for Coinbase to revisit and revise its security strategies. In light of fierce competition in the cryptocurrency exchange domain, the spotlight is firmly on Coinbase to enhance its defensive measures, ensuring users can trade with confidence and security in an increasingly perilous digital landscape.