Hackers Flip the Script: How a Fake Coinbase Email Could Empty Your Wallet

A new and incredibly deceptive phishing campaign is targeting Coinbase users—but this isn’t your typical scam. Instead of stealing your recovery phrase, attackers are handing you one—a pre-generated phrase they control—tricking users into creating wallets the hackers can drain instantly.Disguised as an official Coinbase email, the attack bypasses traditional security checks, using a convincing story about a court-mandated shift to self-custodial wallets. The emails, which originate from a compromised Akamai account via SendGrid, direct users to the legitimate Coinbase Wallet app but instruct them to import a recovery phrase that’s already compromised. The moment victims transfer funds, their assets are gone.We break down: 🔹 How this phishing campaign bypasses SPF, DKIM, and DMARC to land in inboxes. 🔹 Why this "reverse phishing" technique is a dangerous evolution in crypto scams. 🔹 The role of social engineering and trust manipulation in making this attack successful. 🔹 Coinbase’s response and why you should never use a recovery phrase given to you—ever. 🔹 Practical steps to identify and avoid crypto phishing scams before it’s too late.🚨 Whether you're a casual investor or a seasoned crypto trader, this new breed of phishing attack is a wake-up call. Tune in now to learn how to protect your assets and stay ahead of cybercriminals! #CryptoSecurity #PhishingScam #CoinbaseHack

There are no comments yet.

Please log in to write the first comment.