Scammer steals thousands of cryptocurrency users by posing as Coinbase support

Following a conversation with an alleged cryptocurrency scammer, Nick Neuman, CEO of bitcoin self-custody platform Casa, took to X to explain to his audience how he managed to speak with someone who admitted to impersonating a Coinbase support agent.

«Recently, I received a call from a scammer and decided to play along for a while to see how far the situation would go. So I started recording everything and at one point I told the person that I knew what I was doing. This caused the subject to suddenly You will go from being a nice Coinbase support agent to a criminal excited to tell how much money he’s making,” Neuman reported in X.

It all consisted of a phishing scam, a fraudulent technique that allows criminals to obtain sensitive information, such as passwords or credit card numbers, by posing as legitimate companies. Scammers send fake emails or create fraudulent websites that imitate well-known companies, such as banks or cryptocurrency platforms.

In this case, the perpetrator told Neuman that he had canceled a password change for his Coinbase account and that he had sent him an email informing him of the process. However, Nick realized that the email was a password reset request, which included a link to click. That was the trick.

«I’m curious. “How many people fall for these phishing attacks?” Neuman asked, to which the criminal, after laughing, answered the following: “Do you want a direct answer? We earn a minimum of five figures a week…Two days ago we hit 35k. We do it for a reason. You understand me? “There is money to be made with this.”

Nick Neuman-interview-scammer-Coinbase

Nick Neuman, CEO of Bitcoin self-custody provider Casa, recently confronted a scammer during a phone call. Source: X/Nneuman.

The most surprising phase of the call came when Neuman asked, “What kind of people are they who fall for this?” Completely naive people? The response he got was, “You’d be surprised, brother. They are people like you. We call CEOs, CFOs, software engineers… We don’t call poor people. The data we have comes from a database where the minimum you must have is USD 50,000«.

The database referred to by the criminal is made up of people who have an account at Unchained Capital, a financial services platform specialized in bitcoin. To register on the platform it is necessary to provide a valid email address, and if the user wishes to request a bitcoin loan they must have at least USD 50,000 USD in BTC as collateral.

The scammer admitted that his team assumes that anyone with an account at Unchained Capital also has one at Coinbase. Furthermore, he revealed that they use a auto-doxxer to collect information about your objectives, thus avoiding wasting time searching for data on social networks such as LinkedIn.

All of this reminds us that technological and financial education, as well as the ability to remain calm in unexpected situations, do not necessarily depend on a person’s educational background or type of work. In fact, at one point in the conversation, the scammer expressed his surprise at this trend, pointing out that many people with regular jobs have not fallen for the trap, while multiple users with software experience have. An example he cited was the case of a Chinese software engineer who They managed to steal USD 40,000 from him.

Carelessness can be very costly

During the climax of the talk, the subject referred to the space of cryptocurrencies like the wild west: «I think people have a lot of faith in the crypto ecosystem and its security, when it is very easy to get a database. You can simply call these companies saying, ‘Hey, we’re going to send this file,’ acting like you’re part of the company, and you send a resume of a new candidate or whatever… You can include a malware hidden in the PDF, and as soon as they open it the entire system is infected, the entire database is compromised. It’s amazing, isn’t it? When it comes to crypto, it’s like the wild west; That is, you lose USD 30,000 or USD 40,000 in BTC or ETH… Who are you going to call? To the ‘crypto police’?

According to security company Web3 Scam Sniffer, around 10,800 victims were hit by phishing attacks last September. To avoid falling for these scams, it is essential to always verify the authenticity of the emails or messages received; that is to say, never click on links within suspicious emailsand instead directly access the official websites. Additionally, it is vital to activate two-factor authentication (2FA) and remain alert for any unexpected communication.

Another key aspect is education on the most common fraud techniques. The more informed the user is, the better they will be able to identify these scam attempts. Sensitive information should never be trusted through unofficial channels and, if in doubt, it is always best to contact legitimate platforms directly. You may have to wait for the support team to respond, but it’s better to be safe than sorry.

Source link

Leave a Comment