Altcoins Talks - Cryptocurrency Forum
Further Discussions => Reputation, Scams & Phishing => Topic started by: NotATether on March 15, 2025, 06:15:18 AM
-
Somebody just posted (https://primal.net/e/nevent1qvzqqqqqqypzq0mhp4ja8fmy48zuk5p6uy37vtk8tx9dqdwcxm32sy8nsaa8gkeyqqsg8z7e5rdrudtd3zd7vhfsqx9g6xcd5lj35n8vk38any4le5xc3mqr0qh4u) how they received what they said was a very sophisticated attempt to get custody of his coins.
I received a Coinbase scam email earlier today and honestly it's the best one I've ever seen. Hats off to you, and I respectfully disagree, to those scammers. They're going to steal millions with this.
(https://primal.b-cdn.net/media-cache?s=m&a=1&u=https%3A%2F%2Fi.nostr.build%2FjXDikUKJa19Alvfc.png)
I would not be surprised if a lot of newbies fall for this, but anybody who knows an inkling about Coinbase knows that they will never give you a recovery phrase ever.
So it's very hard for many of us to be convinced by this scam, but I hope Coinbase gets wind of this and blocks all the addresses generated ust like they blocked the Twitter hacker's phishing addresses some years ago.
-
Will the link in the e-mail lead the person to download a fake wallet?
Is this the scam?
I hope no one falls for it, and with a simple search on X, the forum or even Coinbase the user can realize that it's a fake
The sender's email also gives away the falsity of the scam
Stay safe guys, and thanks for the alert ;)
-
This is very serious and how could those scammers be that smart to send such an email across all coinbase users, like most of the newbies wouldn't mind falling for this cheap scam because it looks so real, but sincerely where i got to realize is that of the seedphrase, seedphrase is never created this way neither would coinbase issue automatic seed phrase to their users. This is bad attempt.
+1 karma for you.
-
Oh, back again with those stolen data and sending phishing emails to victimize people. It's impossible to stop this, but make sure you know whether the email is legitimate. I hope no one gets scammed.
-
Somebody just posted (https://primal.net/e/nevent1qvzqqqqqqypzq0mhp4ja8fmy48zuk5p6uy37vtk8tx9dqdwcxm32sy8nsaa8gkeyqqsg8z7e5rdrudtd3zd7vhfsqx9g6xcd5lj35n8vk38any4le5xc3mqr0qh4u) how they received what they said was a very sophisticated attempt to get custody of his coins.
I received a bunch of similar messages on my old email address that I used for crypto exchanges.
They probably got leaked from one or more exchanges and than scammers start sending phishing messages like you posted, they only change design to match the original website.
Best solution I found for protection is not to use one email address for everything, and to use temp email when possible.
-
This is very genuine sounding, I would have probably fall for this if I did not read this thread, this is surely going to get some.
The sender's email also gives away the falsity of the scam
Where is sender's email shown?
-
Will the link in the e-mail lead the person to download a fake wallet?
Is this the scam?
No. You see, they are putting a seed phrase inside the email.
If you import it and send any assets to the addresses, they will be drained.
If you connect your wallet using this seed phrase to any site, your coins there will be stolen too.
You don't always need to make the user download software to steal their money.
-
It's really crazy how effective and strategically engineered these phishing attempts actually are and the thing is if you are not experienced or basically don't have a first hand knowledge about it then you pretty much will fall for it most of the time. The email address used in sending these mails are mostly how you can notice them.
One thing too is most times the persons pulling this off have some basic information about those they target because they know those that use coin base and how often they use them.
-
No. You see, they are putting a seed phrase inside the email.
If you import it and send any assets to the addresses, they will be drained.
If you connect your wallet using this seed phrase to any site, your coins there will be stolen too.
You don't always need to make the user download software to steal their money.
Thanks for explaining ;)
Wow, I thought the scam was downloading a fake version of some wallet
But the scam is a bit more sophisticated, since you don't need to download anything, the scam is in the generation of the seed and wallet that the scammers have already created and have under control
I hope no one falls for this scam
-
Will the link in the e-mail lead the person to download a fake wallet?
Is this the scam?
No. You see, they are putting a seed phrase inside the email.
If you import it and send any assets to the addresses, they will be drained.
If you connect your wallet using this seed phrase to any site, your coins there will be stolen too.
You don't always need to make the user download software to steal their money.
So is this another version of honeypot scam? Where the scammer has bots/smart contract set up and and as soon as it connects to any wallets or someone attempts to send anything, the funds gets re-sent to the scammer address. Did I guessed right?
We simply cannot beat bots in term of timing. Before we can even react, the wallet gets drained.