CyberSecurity news

FlagThis

Lawrence Abrams@BleepingComputer //
A large-scale Coinbase phishing attack is underway, targeting users with a sophisticated scam disguised as a mandatory wallet migration. The attackers trick recipients into setting up a new wallet using a pre-generated recovery phrase, effectively gaining control of any funds transferred into it. The phishing emails falsely claim that Coinbase is transitioning to self-custodial wallets due to a court order, creating a sense of urgency and legitimacy. This manipulation of emotions and perceived authority is a common tactic in phishing scams.

The emails stand out because they lack traditional phishing links, instead directing users to legitimate Coinbase pages to build trust. The core mechanism involves providing a pre-generated recovery phrase, exploiting the user's potential misunderstanding of recovery phrases. By convincing users to set up their new Coinbase Wallet with this phrase, attackers gain full access to the wallet.
Original img attribution: https://www.bleepstatic.com/content/hl-images/2025/03/14/coinbase-header-bright.jpg
ImgSrc: www.bleepstatic

Share: bluesky twitterx--v2 facebook--v1 threads


References :
Classification:
  • HashTags: #phishing #Coinbase #cryptocurrency
  • Company: Coinbase
  • Target: Coinbase users
  • Product: Coinbase
  • Feature: wallet migration
  • Type: Phishing
  • Severity: High