A prominent crypto trader recently encountered a highly sophisticated phishing scam that aimed to drain his Coinbase account.
Jacob Canfield, the victim, described it as one of the most complex scams he had witnessed in the crypto space.
Canfield took to Twitter to warn other Coinbase users about a potential data breach after receiving a text message claiming that his Coinbase two-factor authentication (2FA) had been changed.
The scammers went to great lengths, including impersonating Coinbase customer support, to trick Canfield into revealing sensitive account information.
While Canfield managed to thwart the attack, concerns have been raised about the origin of the breach and the possibility of other users falling prey to similar scams.
Canfield received a text message notifying him of a change in his Coinbase 2FA. Shortly after, he received three phone calls from a fake Coinbase customer support line, requesting information about his account activity and attempting to verify his account to avoid a supposed suspension.
The scammers sent a verification code email from a seemingly legitimate Coinbase email address to Canfield’s personal email.
However, Canfield recognized the scam and refused to provide the verification code. It was later revealed that the scammers had gained access to Canfield’s actual 2FA code and were attempting to drain his account while on the phone.
The crypto community has been left puzzled about how the scammers managed to manipulate Coinbase into sending a genuine 2FA verification code email.
Some users speculated that a data breach might have already occurred, allowing the scammers access to Canfield’s account.
Canfield himself is uncertain and suspects that the scammers might have already been logged into his Coinbase account.
Coinbase, however, denied any data breach and suggested that the leak may have originated from a third-party service.
CoinTracker, a tax prep partner of Coinbase, was mentioned by some users as a possible source of the breach, although CoinTracker denied these claims.
While Canfield promptly recognized the phishing attempt, he expressed concern that others might fall victim to this highly sophisticated scam.
Crypto sleuths pointed out similar scams targeting other individuals. Canfield clarified that the scammers did not gain access to his account through SMS or email authentication, indicating the existence of a potential data breach from a third party or the dark web.