Several crypto users have reported receiving scam emails that appear to come from Coinbase and Gemini. The emails tell users they must move their funds to a self-custody wallet before April 1. However, this is a phishing scam designed to steal cryptocurrency.
The emails use official branding to look real. They include instructions on downloading the actual Coinbase Wallet but also provide a pre-generated recovery phrase. If users set up a wallet using this phrase, scammers gain full access and can steal all funds.
False Claims About Lawsuit Used to Trick Users
The scam emails falsely claim that the crypto exchange Coinbase is making this change because of a lawsuit. They say Coinbase must now act as a registered broker and that users must manage their own wallets.
However, this claim is false. The U.S. Securities and Exchange Commission (SEC) dropped its lawsuit against Coinbase on Feb. 27. There is no requirement for Coinbase users to move their funds.
Coinbase has confirmed that it is aware of the scam. The company warned users in an X post that it will never send a recovery phrase and that users should never use a phrase given by someone else.
Gemini Users Also Targeted in the Same Scam
The same scam is also being used against Gemini users. The fraudulent emails claim that a recent court ruling requires users to set up a new wallet.
Gemini was previously sued by the SEC over its Earn program, which allegedly offered unregistered securities. However, the regulator dropped the case on Feb. 26. There is no requirement for users to create a new wallet.
Crypto Phishing Scams on the Rise
A report by blockchain security firm Cyvers revealed that pig butchering scams drained over $5.5 billion from crypto investors in 2024, affecting 200,000 victims. This type of fraud is now considered a bigger threat than hacking attacks.
Pig butchering scams involve long-term social engineering. Instead of stealing funds immediately, scammers gain the victim’s trust over time. They convince users to invest in fake crypto opportunities, often promising high returns.
Additionally, blockchain security firm CertiK recently reported that phishing attacks are the most serious security threat in crypto. According to its annual Web3 security report, phishing scams stole over $1 billion in 2024 across 296 incidents.
The email scam is not the only recent attack targeting crypto users. At least three crypto founders have reported stopping an attempted hack by suspected North Korean hackers.
The hackers invited them to a Zoom call, pretending to discuss a business partnership. Once the call started, the scammers claimed there was an audio issue and sent a new link. Clicking on the link installed malware designed to steal sensitive data.
