Coinbase Users May Have Lost $46 Million to Rising Phishing Scams

In the past two weeks, Coinbase users may have fallen victim to phishing schemes resulting in an estimated $46 million in losses, as malicious actors continue to exploit the growing interest in cryptocurrency.

These scams, which include address poisoning and wallet spoofing, trick users into sending funds to fraudulent wallet addresses that appear almost identical to legitimate ones.

Blockchain investigator ZachXBT uncovered multiple incidents involving Coinbase-linked wallets, highlighting a significant theft of 400 Bitcoin (worth approximately $34.9 million) from a single address. The investigator shared these findings on Telegram, revealing that the total losses attributed to suspected scams this month have exceeded $46 million.

Coinbase has acknowledged these claims and is actively investigating the situation. In response to the growing concern, the company issued a reminder to users, emphasizing that it will never request sensitive information like login credentials, API keys, or two-factor authentication codes via phone calls or emails. The platform urged users to remain cautious and avoid transferring assets if contacted by anyone posing as a Coinbase representative.

READ MORE:

South Korean Court Sentences Three for $460K Crypto Scam

The ongoing phishing scams are part of a larger trend where fraudsters impersonate well-known brands to deceive users into trusting them. Coinbase has been one of the most impersonated crypto exchanges, although other major global brands like Meta face similar challenges. In the past, scammers have attempted to exploit Coinbase’s massive user base to carry out phishing attacks.

To safeguard their funds, Coinbase advises users to take precautions, such as using a dedicated email for their account, enabling two-factor authentication, setting up an address allowlist, and utilizing Coinbase Vault for added protection. This advisory follows previous incidents, including one where over $65 million was reportedly stolen from users during a phishing wave between December 2024 and January 2025.

Furthermore, more sophisticated scams like “pig butchering” schemes have emerged, where scammers manipulate victims over extended periods to trick them into transferring their crypto assets. These scams have led to substantial losses, with reports indicating that Ethereum-based pig butchering schemes resulted in over $5.5 billion in losses across 200,000 cases in 2024 alone.

Alexander Zdravkov