Crypto Comedy of Errors: How a Phishing Scam Turned Wallet Migration into Wallet Evasion
A crafty Coinbase phishing scam is fooling users with a fake “migrate to Coinbase Wallet” email. It tricks recipients into using an attacker-controlled recovery phrase to set up a new wallet. The twist? This phishing scheme doesn’t steal your phrase—it hands you one, giving attackers access to your crypto treasure chest!
Hot Take:
In a plot twist worthy of a Hollywood heist movie, cybercriminals have flipped the script on the classic phishing scam. Instead of luring you to click sketchy links, they’re handing you the keys to your own digital vault—with a catch. It’s like receiving a “free” car with the engine permanently rigged to explode. Coinbase users, it’s time to tighten your cyber belts and avoid this crypto calamity!
Key Points:
- Phishing emails claim to be from Coinbase, urging users to migrate to a self-custodial wallet.
- The emails contain a pre-generated recovery phrase controlled by attackers.
- Email security checks, including SPF, DMARC, and DKIM, are bypassed due to clever use of legitimate domains.
- Akamai is investigating the misuse of their domain in the phishing scam.
- Coinbase warns users never to use a recovery phrase provided by someone else.
Already a member? Log in here