A staggering $45 million was drained from Coinbase users in just one week, according to blockchain security expert ZachXBT, who sounded the alarm on a growing wave of social engineering scams targeting the platform’s customers.
Unlike hacks that exploit technical vulnerabilities, these scams exploit human trust. ZackXBT estimates that users are collectively losing around $330 million per year to such schemes, underscoring a persistent threat that’s becoming increasingly sophisticated.
“These scams don’t break into your account by force,” ZackXBT warned. “They trick you into handing over the keys yourself.”
The tactics are deceptively simple but highly effective. Victims receive what appear to be urgent messages from Coinbase support, warning of suspicious activity or account risks. Under pressure, users click malicious links, reveal sensitive credentials, or approve fraudulent transactions—actions that ultimately drain their crypto wallets.
A $1.7 Million Scam in a Single Case
One particularly shocking incident occurred in July 2024, when a Coinbase user lost $1.7 million after falling victim to a scammer impersonating customer support. The victim believed they were resolving an account issue—until it was too late. That same week, crypto-related scams cost users $45 million in total losses.
Security experts say these attacks are no longer confined to mass phishing campaigns. Instead, they’re becoming highly personalized, timed to coincide with account activity, and executed with alarming professionalism.
“It’s a chilling reminder that sometimes the biggest vulnerability isn’t a password—it’s a moment of misplaced trust,” one cybersecurity analyst told reporters.
FBI, North Korean Hackers Among Growing Threats
The FBI has issued multiple warnings about rising social engineering attacks, pointing to North Korean hacking groups that have expanded their operations. These groups have reportedly used fake job offers and other social engineering tactics to compromise victims, particularly in the crypto sector, throughout 2024 and 2025.
With over 100 million users worldwide, Coinbase has become a prime target for such schemes. Experts warn that the platform’s large user base gives scammers a broader pool of potential victims, making it disproportionately exposed to social engineering threats.
In response, Coinbase Chief Security Officer Phillip Martin has called for a more unified, streamlined approach to reporting and addressing scams. Martin advocates for better tools to identify, track, and respond to scams in real-time, emphasizing the need to protect users at scale.
Security professionals advise crypto users to remain vigilant. Best practices include verifying the identity of anyone requesting information, avoiding unsolicited communications, enabling two-factor authentication, and treating unexpected messages with caution.
“Trust, but verify,” one expert emphasized. “In crypto, your greatest defense might just be skepticism.”
