Users in the cryptocurrency space have reported an uptick in phishing emails designed to impersonate crypto exchanges like Coinbase and Gemini. These emails aim to trick individuals into creating new wallets using fraudulent recovery phrases that are controlled by the scammers.
In multiple instances, shared on social media, the emails purportedly from Coinbase urge users to migrate to self-custodial wallets, providing guidance on how to download the genuine Coinbase Wallet, with a specified deadline of April 1 for the transition.
Image from a related post
However, these emails also include pre-generated recovery phrases. If users create a new wallet using these phrases and transfer their assets, all funds deposited will be accessible to the scammer, who can then deplete the wallet.
The fraudulent emails reference a class-action lawsuit against Coinbase, claiming it has been involved in selling unregistered securities, which has led to a court ruling requiring customers to maintain control of their own wallets.
“Coinbase will act as a registered broker, enabling purchases, but all assets must be moved to Coinbase Wallet,” the deceptive email states.
On February 27, the US Securities and Exchange Commission dismissed its lawsuit that accused Coinbase of being an unregistered broker and selling unregistered securities.
The exchange has acknowledged awareness of the scam and referred to its post on social media from March 14, which affirmed, “We will never provide you with a recovery phrase, and you should never enter a recovery phrase provided by someone else.”
Image from a related post
Similarly, Gemini has also fallen victim to the same phishing tactics, sending out emails claiming that users must establish a new wallet due to a recent court ruling.
The SEC had filed a lawsuit against Gemini for allegedly offering unregistered securities through its earn program, but the agency chose to terminate the legal proceedings on February 26.
Image from a related post
Gemini has not yet responded to requests for comment.
A report from a blockchain security firm highlighted that crypto phishing incidents cost users an estimated $1 billion across 296 occurrences, marking it as a critical security threat for 2024.
Related: California financial regulator warns of 7 new types of crypto, AI scams
The rise in email scams coincides with reports from at least three cryptocurrency founders who successfully thwarted an attempt by suspected North Korean hackers to steal sensitive data through fraudulent Zoom calls.
These scammers have targeted crypto founders under the pretense of discussing partnership opportunities. However, when the call begins, they feign technical difficulties and provide a link to a new call that actually installs malware.
Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis