Cyber security experts have warned of a sophisticated scam targeting cryptocurrency exchange Coinbase customers.
Researchers from security firm PIXM recently discovered an email campaign where attackers disguised themselves as Coinbase to trick people into handing over their account credentials.
In the email, the user is warned that their account needs attention due to an “urgent matter”. Sometimes they need to confirm the transaction, and sometimes they need to provide additional information to prevent their account from being locked.
Bypass two-factor authentication
Regardless of the contents of the email, it always carries a heavy dose of urgency, and it obviously provides the user with a link where they can log into the platform and settle the mess. However, the link leads to a fake web page that looks almost identical to the real Coinbase website.
But here is where you really progress. Most users have two-factor authentication enabled, so scammers have come up with a way to get around it. When a user types their passwords, they are relayed to the actual Coinbase website, and then the scammers ask for a 2FA token as well.
To make matters worse, the victim is redirected to a site that says “Account Suspended” and gives them a chance to speak to Customer Support. Again, this is not actual Coinbase customer support, but rather a continuation of the scam, in which the attackers try to get as much personally identifiable information as possible from the victim.
The data they’re looking to get hold of at this point, according to the researchers, includes phone numbers, postal addresses, emails, and an estimated account balance.
- Get enhanced physical protection with the best security key (Opens in a new tab) Today’s Picks