Coinbase will not call customers to warn them that their accounts may be compromised. This is a common vector of the scam. However, someone tried it to me.
You read the Crypto state, a CoinDesk newsletter looking at the intersection of cryptocurrency and government. Click here To sign up for future editions.
The narrative
Last weekend, an unknown California number called me. An unique -benefit gentleman lets me know that my Coinbase account was compromised during the breaking of its data and that he was there to help me not lose my property.
Oh no, it’s awkward!
Why important
All right, so obviously this is a scam. After biting up with the supposed agent of this Help Desk, I texted a Coinbase speaker to verify that at any point is the exchange Call A customer to tell them their account is compromised. This is scam 101 – if you get a phone call informing you that your The account is compromisedbe at a crypto exchange, a bank, the IRS, regardless of, This is a scam. Do not share your personal details and do not provide any passwords if you get a call like this.
There are some flaws in the attempt to get me, maybe, move my funds from my so -called Coinbase’s compromised account to another address. But I hope this can be a variety of teaching moments for nearly 70,000 people affected by the recent Coinbase violation of the recent violation, as well as anyone who receives a phone call that says their information is compromised. Here’s how it came down.
Breaking it
Let’s start from the beginning. On Saturday, May 24th, I received a call from a number I did not recognize on my personal phone, not my job number facing the public. It was a weekend, one where I was actually visiting family in another state, I wasn’t taken. Then the same number called back and I still didn’t choose (yes I know, riveting, but 2025 it and you can leave a voicemail or text).
Ten minutes later, I received a third call from another number, which I took because at that point I was curious.
A quick -speaking gentleman who called himself Riccardo told me he was part of Coinbase’s actions and department of protection and he reached because my Coinbase account information was compromised and a new email was added to my account.
I was a little confused, for the reasons I was coming to the bottom. But I was also intrigued because there were four red flags. For simplicity, I will refer to the caller as a “agent” from here, but to be completely clear, I doubt that he is an actual service agent to the customer, representative or other coinbase employee, and he certainly does not reach me as an authorized exchange representative.
First, the phone call itself is a large red flag. Coinbase will never call a customer about a breach, but instead will contact customers by email, before it said in a tweet.
This is a really standard. The Federal Commission’s website in commission Notes There is a wide range of scams where someone will call you, and Many something else Companies Have warnings that their employees never actively call a customer about account issues.
The agent said I said they would be a fan of my account within 24 hours to make sure no funds could be stolen (thank you, I guess?) And that a supervisor will reach me (I’m constantly waiting to call this supervisor). Should Freeze in my account can be expanded in three months if there are many failed plotting attempts.
To wrap the call, he said he would send me an email summarizing all the details we discussed. On Saturday night, I received an email with the subject “reviewed your case.”
This follow-up email is a useful representative of the customer’s sent service that is highly informed.
For one thing, the email address they relate to my account is a public facing, but not the email address attached to my actual Coinbase account (in fairness, I forgot that part until I tried to find my login information a few days later).
Gmail at first (correctly) posted this email as a spam. I moved it to my inbox, where Gmail showed me the sender (help@info- coinbase.com) is not the actual sender – the email comes through the learnedindonesian.online. Even the Information- Coinbase.com Part is Sketchy – For one thing, Coinbase’s website is Coinbase.comAlthough it sends emails from info@info.coinbase.com – However, you can’t expect a hyphen in a email support domain. For another, the Domain of Info-Coinbase was first created in November 2024 (according to a Icann lookup) and not a real website.
Email headers are also not very useful in terms of providing any kind of information recognition, but they have confirmed that the sender has appeared to have tried to obfuscate their information.
Interestingly, the “Visit Coinbase” link below appeared to linked to the actual Coinbase website and no one appears to be any hiddenly embedded images or other attached email files. I’m not entirely sure what’s going on there. A real scammer can be embedded by a virus of some kind in email or even a pixel monitoring. Another common tool scammers that can be used is to put in a phishing link in the area of a legitimate one of an email, cheating the user on going to a website intended to steal their login information (this is not legal, technical or any other type of advice; if you decide to try and scam a person who uses the information you gleaned from this newsletter).
While scammers may sometimes know how much they have allocated victims in a purse or account, the person who calls me does not appear to have that information (because I have a zero crypto in my Coinbase account).
I called the number on Friday to see what might happen. Nothing was taken. I think my account should be safe now.
- Stand with Crypto deleting Soulja Boy from NJ Governor Rally after discovering sexual assault fine: Standing with the crypto announced by the Soulja Boy and 070 shakes the leader of a “vote the vote rally” next week before the main New Jersey election. The SWC removed the Soulja Boy a day after discovering that he was found liable for sexual charges and attacks and was ordered to pay $ 4 million last month, in a case coming from 2021.
- SEC Task Force Chief Crypto merchants say needs to be developed, not crying to the government: The SEC Commissioner Hester Peirce told the audience of Bitcoin 2025 Las Vegas that it would be nice to invest in speculative -ownership, especially if there was no federal regulator with close administration, but investors could not ask for a bailout when prices sank.
- US House Republicans officially introduced the crypto market structure bill: House Republicans formally introduced the Digital Asset Market Clarity Act, its market structure bill, just weeks after a discussion draft.
- Crypto staking does not violate US Securities law, Sec says: The latest SEC staff statement looks at staking and how the security regulator can check part of the crypto ecosystem.
- SEC files to delete long -term suits against Binance: The SEC and Binance filed a joint stipulation to drop the regulator case against Binance.
- The suspects in Manhattan crypto kidnappo: The news broke this weekend that an investor in crypto was kidnapped and tortured for his bitcoin keys. Two suspects accused of conducting the kidnapping have been arrested and promised not to sin.
- Trump’s memecoin dinner questioned by the leading Democrat in the House Judiciary Committee: Jamie Raskin, the leading Democrat on the House Judiciary Committee, wrote a letter to US President Donald Trump who called him to publish the names of his guests at the Memecoin dinner last week.
Friday
- 15:00 UTC (11:00 am) A federal judge held a phone hearing to assess the dispute of the Roman Storm defense that the Department of Justice may have suppressed information. The judge ruled that in his view, the DOJ does not have to check its materials and did not stop the information that increased the level of affecting the proceedings.
- (The Washington Post) The White House has published the “Make America Healthy Again” report mentioning no studies and references – with signs that AI can be used to be used to produce at least a few parts of the report.
- (The Federal Reserve) The Fed said that 8% of adults responded to a survey said they would hold cryptocurrency in the US, down from 12% four years ago.
If you have thoughts or questions on what I should discuss next week or any other comment you would like to share, do not hesitate to email me nik@coindesk.com O Find me in Bluesky @nikhileshde.bsky.Social.
You can also join the group talk Telegram.
See you next week!
