Coinbase users are falling victim to social engineering scams, losing over $300 million annually according to data shared by on-chain investigator ZachXBT. Reports of sudden account restrictions have been flooding social media platforms, with ZachXBT attributing these issues to Coinbase’s aggressive risk models and failure to combat ongoing scams.
Working alongside researcher Tanuki42, ZachXBT analyzed Coinbase withdrawals and victim direct messages to estimate the extent of thefts across various blockchain networks. The data revealed that bad actors have stolen at least $65 million from Coinbase users between December 2024 and January 2025, with the actual figure likely being higher due to unaccounted support tickets and law enforcement reports.
One disturbing case involved a victim losing approximately $850,000, with the stolen funds traced back to a consolidation address linked to over 25 other victims under the label “coinbase-hold.eth.”
Social engineering scams, the main method used by scammers, involve attackers contacting victims via spoofed phone numbers and utilizing personal information obtained from private databases to gain their trust. Victims are then tricked into transferring funds to a fraudulent Coinbase Wallet and allowing access to their assets, often through fake emails and cloned websites.
The report highlighted two main groups orchestrating these scams: individuals from ‘The Com’ and cybercriminals based in India targeting US customers. It also pointed out a discrepancy in Coinbase’s security recommendations: threat actors actively block VPN access to phishing sites to avoid detection, which contradicts the exchange’s advice against using VPNs.
Allegations were made against Coinbase regarding several security incidents that were not publicly addressed, including hacks involving old API keys, vulnerabilities in verification code delivery, and a significant theft from Coinbase Commerce in 2023. The report also noted the difficulties victims face in reaching customer support and said that stolen funds are not being identified promptly using compliance tools.
To combat these issues, ZachXBT proposed various measures for Coinbase to implement, such as optional phone numbers for advanced users, account types with withdrawal restrictions, improved customer support, and proactive measures like flagging theft addresses and blocking phishing domains. Despite these security concerns, the report acknowledged Coinbase’s strengths in stablecoin services, blockchain development, asset recovery tools, legal battles with regulatory bodies, and custody products.
As losses continue to mount, Coinbase faces growing pressure to enhance security measures and protect users from financial losses. Competing exchanges have not experienced similar levels of targeted scams, prompting a reevaluation of Coinbase’s current security protocols.