Crypto users report new scam emails spoofing Coinbase, Gemini

Users in the cryptocurrency space have increasingly reported receiving deceptive emails designed to appear as if they come from reputable exchanges such as Coinbase and Gemini. These emails typically purport to urge users to create new wallets using pre-generated recovery phrases that are controlled by the scammers themselves.

In many instances, users share screenshots of emails that seemingly originate from Coinbase. These messages instruct individuals to migrate to self-custodial wallets, featuring detailed steps for downloading the legitimate Coinbase Wallet. Alarmingly, the emails dictate a stringent deadline of April 1 for users to comply with this purported switch.

Despite the initial guise of legitimacy, the emails also feature unsafe, pre-generated recovery phrases. When unsuspecting individuals create wallets using these phrases and subsequently transfer funds, scammers gain unfettered access to the wallets, allowing them to empty them of assets.

To lend credibility to these fraudulent communications, the emails reference ongoing legal issues involving Coinbase, specifically a class-action lawsuit that claims the exchange sold unregistered securities. It misleadingly asserts that as a result of the lawsuit, a court has mandated users to manage their own wallets, further manipulating users into compliance.

The U.S. Securities and Exchange Commission (SEC) recently dismissed its lawsuit against Coinbase, which had claimed that the exchange was acting as an unregistered broker. This ruling came on February 27, undercutting the scammers’ narrative.

In response to these attempts at manipulation, Coinbase has addressed the situation directly. The company emphasized in a post on X (formerly Twitter) that it will never request users to share recovery phrases via email. “We will never send you a recovery phrase, and you should never enter a recovery phrase given to you by someone else,” they cautioned.

Similarly, Gemini has faced a barrage of similar phishing attempts, with scammers utilizing identical ploys, claiming users need new wallets based on incorrect legal justifications. Notably, Gemini recently concluded its own legal challenges with the SEC, which halted aggressive actions against the firm over allegations related to unregistered securities.

The rise in such scams is alarming, highlighting broader vulnerabilities in the cryptocurrency landscape. A report by blockchain security firm CertiK has categorized phishing scams as the most significant threat to crypto security in 2024, with losses reaching $1 billion across 296 separate incidents.

Recent trends show that various crypto founders have fended off attempts from alleged North Korean hackers striving to compromise sensitive information via fake Zoom meetings. In these instances, attackers have lured individuals into discussions about purported partnership opportunities, subsequently sending links that install malware under the guise of fixing audio issues.

As these threats persist, users are urged to remain vigilant, being mindful of any communications requesting sensitive information or urging urgent action.