Coinbase Users Targeted in Sophisticated Vishing Scams Involving Recovery Phrases

Coinbase users have recently become targets of increasingly sophisticated phishing scams, as highlighted by a viral TikTok post from user Steve, which details a multi-layered vishing attack mimicking the cryptocurrency exchange’s customer support [1]. Unlike older scams riddled with poor grammar and spelling, these new attempts are highly personalized and use real user data to appear legitimate. Attackers first send an automated voicemail warning of suspicious activity on the victim’s account, followed by a live call from a caller claiming to be from Coinbase support. Through a series of urgent follow-up calls, scammers gradually gain trust and ultimately request the victim’s wallet recovery phrase [1].

The scam leverages personal data leaked in previous breaches, including an incident in May where the personal information of up to 97,000 users was exposed through compromised call center staff [1]. The use of cloned emails, spoofed caller IDs, and even pre-generated seed phrases demonstrates how scammers are becoming more technically advanced in their tactics [1]. Coinbase has reportedly lost over $300 million annually to such social engineering attacks [1].

To combat these threats, the article emphasizes the importance of non-custodial wallets, where users retain full control of their private keys. Scammers can bypass even the most secure platforms if users voluntarily give up their seed phrases, as the crypto industry’s mantra—“not your keys, not your crypto”—remains a critical principle [1].

The article also promotes Best Wallet, a non-custodial wallet with features like multi-party computation (MPC) and biometric security, as a tool for protecting against such attacks [1]. It further introduces the Best Wallet Token ($BEST), a utility token offering reduced transaction fees, staking rewards, and access to new crypto projects. The $BEST presale has already raised over $14 million, with analysts forecasting potential growth in its value [1].

Ultimately, the article underscores that most successful phishing attempts exploit uninformed users who disclose sensitive information under pressure. Maintaining control over private keys and using secure, non-custodial wallets are considered best practices in the ongoing battle against crypto fraud.

Source: [1] Coinbase Hacked: New Attack – Try Best Wallet for Protection (https://www.newsbtc.com/news/coinbase-hacked-new-attack-try-best-wallet-for-protection/)