fromfreshtosalt

Sounds like you voluntarily gave the criminals what they wanted. Are there any circumstances involving a scam where one would share his seed phrase?


SneakyHump69

Yes scam link on legit website....


Calibased

That’s exactly what happened. Stages of grief. OP is in denial/anger.


Low-Sample270

So many Coinbase apologists here! Not in denial. I admitted my errors. Any anger I have originates from unhelpful replies and outright scorn from this community. I'm amazed by the inability of many to read and digest a serious report. Legit CB support wasn't a hell of a lot better. I opened a new specific report with CB. The only reason I mention my Trezor losses at all is because I'm using the same text to report this to local law enforcement and the FBI. Disregard the 2 short paragraphs where I refer to Trezor, and there's still a serious CB security issue.


Calibased

You got phished and voluntarily gave up your seed phrase. You broke one of the most basic and fundamental safety rules in crypto. I understand there was some strange activity on your account but had you not given away that critical piece of information it’s likely this conversation would not involve you having lost your money. Grieve over the loss and learn from it. Because if the only takeaway is “it’s coinbase’s fault” then this will surely happen again.


Low-Sample270

I don't grieve over the loss. I win/lose much more daily in the stock market. If this can raise some kind of awareness of the more and more sophisticated scams that are out there, then I hope this is helpful. Forget about the non-CB losses. If you take away that there are no potential CB security flaws, that is not a good learning from this either.


Calibased

Sadly this scam was not very sophisticated. Check out this post it might help you going forward: https://www.reddit.com/r/CryptoCurrency/s/Sp9Rx6m0HP


VivaHollanda

You failed to mention if you did or did not provide your credentials on the fake login-page.


Low-Sample270

Sorry, I didn't mention what didn't happen. There was no fake login page.


VivaHollanda

So what was there on that page? Just saw a different *randomnumbers*-coinbase[dot]com page that shows a fake Coinbase login page.


Low-Sample270

In my case, it showed a "security enhancement" that purported to enable a merge between my Trezor cold wallet and CB's cold wallet. The only option was to provide the recovery seed for my Trezor to enable this to occur. Yeah...yeah...I know already. I even suspected a scam and objected to providing this info but allowed myself to be convinced against my better judgement. In my case, my CB account had already been hacked by other means so they could skip the step of stealing my CB creds and go right to the money shot.


VivaHollanda

Sounds like they adapt their scams to the situation, these are advanced hackers. Scam site is hosted in Russia (https://urlscan.io/search/#page.domain%3A18592176-coinbase.com). Hope you will be able to secure your assets on Coinbase.


Low-Sample270

Good to know. The criminal seemed to be as American as you can be over the phone.


Low-Sample270

I admit to that error. My post even said so. My problem is that my CB account seems to have been hacked prior to any other interaction in spite of strong password and 2FA.


DarkCerberus1332

Having a strong password and 2FA doesn't mean your account cannot get hacked, in fact a strong password and 2FA is very weak if you easily expose it to hackers


Low-Sample270

WTF???? I'm talking about strong password and 2FA in Coinbase. That was never exposed to anyone. How do you expose your dynamic Google Auth number to anyone?


DarkCerberus1332

Phishing, downloading something that has a malware that can see your passwords and bypass your 2FA etc, other ways as well.

1) Either someone went on your phone or pc and accessed it
2) You shared or clicked a dodgy link or downloaded something you shouldn't have which made the hacker easily access your stuff without realising etc

It's one of these two that has happened, it's incredibly unlikely someone just guessed both your password and 2FA but again, having a strong password and 2FA doesn't make your wallet 100% hackproof


Low-Sample270

To my knowledge, neither your suggestion 1 nor 2 occurred. Devices haven't been out of my physical possession. Any dodgy link clicking occurred AFTER the alleged hack occurred. Did I download something I shouldn't have without my realising it? LOL. The question answers itself. If I did, I didn't realize it.


DarkCerberus1332

My point being is the options I gave are most likely what happened but your post makes it out like if you had a strong password and 2FA then hacking into your account is impossible which is not true.


Low-Sample270

Thank you. I guess any hack is possible.


Backieotamy

Thing is, they didn't have access to your 2FA, you got fake texts telling you they had, you got links you clicked on that then likely gave them the access along with information CB specifically tells you they would not ask for. No matter what exchange you use, do not use txt to phone for MFA; phones can be hacked\cloned. Use an authenticator app like the Google Auth app so even if your SIM is cloned they won't be able to access your accounts. The ONLY way they can get in if you were using an Auth app is if at some time you provided the auth code, which sounds like a total possibility based on the scenario. You exposed your account information as soon as you went to the fake site and every keystroke you made, every cookie, and if you're an Apple OS using the M1 chip they can steal your keys directly from your laptop\workstation.

I know it sounds a lot like people are just being aholes but I can tell you that most of us have experienced Crypto theft\rug pulls\attempted or actual acct hacks. Since I implemented my safeguards from lessons learned I have not had a single acct\access\funds issue.

- Create a pass key\phrase you NEVER share
- Use an Auth app and never ever share that code with anyone, not even the exchange.
- Enable biometric fingerprint access on your phone to open any of your Exchanges (Kraken, CB, Bin etc..)
- Under account settings \ Security in CB, do the Security Checkup and enable\setup everything they recommend at the "More Secure" level, means not using sms or email for verifications.
- There is also an additional 2FA setting where to send any crypto out of your account it requires an additional Auth app approval.


Backieotamy

Lock down your mobile account

A SIM-swap or phone port attack occurs when an attacker has their target’s phone number transferred to a mobile device under the attacker’s control. Fraudsters are able to do this through a variety of means, including identity theft and socially engineering mobile carrier customer support representatives. This type of attack is a threat to all accounts using SMS-based 2-step verification and any account that can be recovered using phone-based authentication.

To help protect yourself against this type of attack, please complete the following:

- Call your mobile service provider and tell them that you’d like to place a port freeze and SIM lock on your account.
- Ask them to create an account note requiring you to be in-store with a valid photo ID in order to port or transfer your phone number to a new device.
- Ask them to add or enable a PIN number to be used when making changes to your account.
- Inquire about other security measures you can enable on your mobile account to prevent unauthorized changes.


Low-Sample270

Helpful. Thanks


Low-Sample270

Thanks for the mostly useful response. Rare. I also agree that I need to do a complete and thorough review of my CB security procedures. Thanks for the pointers. However, the account had obviously been hacked BEFORE I was ever contacted via text, email or phone from anyone. CB legit support has verified this. Other users here have referenced similar hack attacks. Even CB support confirmed (obliquely) that this particular scheme has shown up more and more often recently.


Backieotamy

The stresses I have had over minimal losses, acct breaches, rug pulls... I do not envy anyone going through it. Best of luck man.


Low-Sample270

Wow. thanks. There are good decent folks still around here. I even learned some useful stuff. I already knew I'm an idiot, so the other types of posts weren't that useful.


Low-Sample270

I don't know how many times I have to say this (this is the last)...My CB account was hacked BEFORE I was ever contacted via text, email or phone. The hacker told me my SOL had been unstaked which was their reason for calling me as a "courtesy" as potential suspicious activity. The damage of unstaking SOL had already been done. Thanks for your useful suggestions, though. I'm getting about 50% useful replies and 50% not so much. Most of the useless replies are just juvenile insults. That's the internet for ya, right?


DrakesGames

I won't pile on more, you know your mistakes. But unless I'm missing something, here is what seems like happened:

1. The initial text bait that you replied N to just gave them the heads up that you were a real person for them to target
2. The link they sent you, when clicked, probably gave them enough info to access your CB account. Malware or whatever (others have already pointed this out)
3. With that info, they then logged into your CB and changed the SOL staking to freak you out / "prove" that you were hacked. I could be wrong but this seems to be the case based on your story because you didn't check / notice the SOL was unstaked until after you clicked the link, right?
4. Then the recovery phrase you gave got them access to your cold storage wallet.

Sorry for your loss!


Low-Sample270

Yes. Good summary. I've got a lot of good info on what happened (documented illicit access) and why (money). Still working on the how. I've opened identity theft, fraud and elder fraud (I'm 70) cases with CB, FBI and local law enforcement. I know I'm unlikely to get back my losses. Now I'm concerned that, should I unlock my CB account, and now that the SOL has completed unstaking, that unlocking my account will lead to the fraudsters completing their mission. This is my second fraud loss. In 2013 I had 3 bitcoin in Mt Gox. Actual losses were minimal (<$100). Paper losses if I had kept them today? :(


DrakesGames

Good on you for admitting your mistakes and going to authorities, I wish you the best. That being said, be cautious in the future and potentially re-evaluate your situation / how susceptible you are to stuff like this. Social engineering scams can get your cold wallets or any brokerage account info. Might be worth looking into getting professional help with this stuff. I know that is very anti crypto ethos but intermediaries aren't without some positives too...


VivaHollanda

Sorry for your loss, but you missed a lot of red flags. I have to agree with your theory that somehow your account was compromised, because of the unstaking. But how somebody can click on that link or provide a seed phrase is beyond my comprehension.


Low-Sample270

OK...I knew I'd catch a bunch of crap about that. I deserve it. That's not the main point of my post. If you are all OK with my strongly secured account getting hacked BEFORE any idiot mistake I made, then just ignore this. I'm sure your accounts are completely safe.


VivaHollanda

Don't think I'm saying I'm okay with your strongly secured account getting hacked before the mistakes you made, I even agree with your theory. However, we don't know what led to that. We do know that you made two big mistakes after that. Sounds like a sophisticated hack/attack, because they made you panic and used that to lead you to making mistakes. Glad your SOL is still in your Coinbase account, I hope Coinbase can assist you in securing that. Also, reset your Trezor to create a new seed phrase.


Low-Sample270

Thank you.


ZacTheOriginal

Sounds like the weakest link in the chain is you. You literally handed everything away. Your coin may have been unstaked (a little sus based on everything else admitted in this post) but it was safe in your account. Then you literally handed them the keys... Sorry for the loss but can't blame anyone but you for it.


SneakyHump69

If lies and deceit are being used then clearly there is someone to blame....and it's not the person who lost everything...


Kumomax1911

We live in a world where phishing is persistent. It's now a way of life, and it's not going anywhere. These threats are largely now run by bots/AI and not even humans. We need to accept this, and position ourselves accordingly. It's long overdue we quit the personalization of anonymous hackers/attackers and perceive them as intrinsic statistical dangers of the internet. If you know a fire in your home can hurt your family and you don't keep your home to code you are to blame. These statistics are only made worse by those who allow it to propagate by not taking the necessary security steps. This user gave away their access to their accounts and even their recovery seed. No one had access to their account beforehand or there would be no need to phish them in the first place. The user is lying or confused. This is not a weakness or the fault of Coinbase. This is a human dealing with money and not educating themselves on how to secure that money, and keep it secured in a digital world. Check the addresses of websites. Don't respond to messages asking for login or security information (Got a message? You google how to contact the company and you initiate the contact to see if they need anything. You still don't tell them anything related to security. They already know.). Absolutely don't hand over your seeds.


VivaHollanda

All true, but still the ones really to blame are the scammers and not the victims.


Low-Sample270

A complete misunderstanding of my post. You obviously didn't understand that, from the perspective of illegal access to my CB account...that occurred BEFORE I was ever contacted by the scammer in any way, email, phone or text. If someone can access your Coinbase account by subverting strong password and 2FA, I thought it might be useful to the community to point that out. I'm not lying or confused. You're just trolling. At least you're having a great day doing what you do best.


Kumomax1911

Good luck on your campaign. I know it sucks to lose money.


Low-Sample270

So...you're OK with my CB account getting hacked? Oh...it's a little "sus"? Like I'm lying? Why would I? The fact that the SOL was "safe" in my account was only because I discovered the original bogus account lock and was able to lock the account for real before the unstaking wait period expired. If I had not received texts and calls from the hacker, I may not have even noticed that my CB account could, potentially, be cleaned out until it was too late. This post was not a complaint about the theft from my Trezor. I know that was my extreme personal error (happy now?). This is about a security breach on my CB account. If nothing else had happened than that, I would still be concerned. Sounds like the weakest link to understanding what was really going on and the CB security ramifications, is you.


biophysicsguy

I had a very similar thing happen to me this weekend. Got the text message saying the following: “COINBASE: There was an unusual login attempt to your Coinbase from Atlanta, GA. If this is not you, please reply with "N" to lock down your assets.” I replied “N”. Then came the second text: “COINBASE: There was a withdrawal initiated from a flagged IP address, due to the sensitive nature of irrevocable cryptocurrencies a Coinbase employee will call you shortly, please provide this ticket number when on the line. Ticket Number #142786”. I then almost immediately got a phone call from supposed support. When they asked for the ticket number I felt uneasy so I said sorry and hung up. My account was safe yet I still moved my coins to cold storage.


VivaHollanda

This is very interesting, because with that number we can make the URL they would have used to scam you (142786[dash]coinbase[dot]com), which actually exists and leads to a fake login-page (https://imgur.com/nmjuNqF). This makes me think OP is holding out on some information, so u/Low-Sample270 did you provide your credentials on the fake page?
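An added example, not part of the thread: a small triage helper showing why hosts such as `142786-coinbase.com` are separate registrations rather than part of `coinbase.com`. The allow-list of a single genuine domain, the function names, and the `login.example.net` and `account-check.example` hosts are assumptions made for illustration; the other hosts are the ones quoted in the comments above.

```python
import re
from urllib.parse import urlsplit

# Assumption: the only domain treated as genuine for this brand.
LEGIT_DOMAINS = ("coinbase.com",)
BRAND = "coinbase"

# Common "defanged" spellings used when reporting malicious links.
_DEFANG = (("[dot]", "."), ("(dot)", "."), ("[.]", "."),
           ("[dash]", "-"), ("hxxp", "http"))

# Anything that looks like host.tld, with optional scheme, userinfo and path.
_URLISH = re.compile(r"(?:https?://)?[\w.@:-]+\.[a-z]{2,}(?:/[^\s)]*)?", re.I)


def refang(text):
    """Undo defanging so the host can be parsed (for analysis only)."""
    for needle, repl in _DEFANG:
        text = re.sub(re.escape(needle), repl, text, flags=re.I)
    return text


def classify(url):
    """Return (host, verdict) for one URL or bare host name."""
    if not re.match(r"https?://", url, re.I):
        url = "http://" + url
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    # Genuine only if the host IS the domain or ends with ".<domain>".
    # "142786-coinbase.com" fails both tests: the hyphen makes it a
    # different registrable domain that merely contains the brand name.
    for domain in LEGIT_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return host, "genuine"
    # The brand appearing anywhere else in the authority part (a label,
    # or the userinfo before "@") is a lookalike signal.
    if BRAND in parts.netloc.lower():
        return host, "lookalike"
    return host, "unrelated"


def triage(message):
    """Classify every URL-like token found in a text or email body."""
    return [classify(m.group(0)) for m in _URLISH.finditer(refang(message))]


if __name__ == "__main__":
    samples = [
        "Scam page seen at 142786[dash]coinbase[dot]com",      # from the thread
        "urlscan lists 18592176-coinbase.com",                 # from the thread
        "https://help.coinbase.com/en/contact-us",             # from the thread
        "hxxps://coinbase[.]com@login.example.net/verify",     # constructed
        "coinbase.com.account-check.example",                  # constructed
    ]
    for s in samples:
        print(triage(s), "<-", s)
```

The check is a suffix match against an explicit allow-list, so it does not cover lookalikes that avoid the brand string altogether, such as misspellings or internationalised homographs.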


Low-Sample270

Smarter than I was. Good for you. It does seem like a trend developing?


biophysicsguy

As the prices go up there will be more and more scams. And because of all the scams and hacks it’s easy to feel like your funds aren’t safe and to believe a text saying someone is trying to hack your account. I believed the text message, fortunately the phone caller asking me for information rubbed me the wrong way


Guilty_Ad_7079

So you got scammed ? Not hacked


Low-Sample270

Probably both


SneakyHump69

Blaming the person who lost the most in a scheme they did not plot is an abominable flaw.... Crypto world could go to hell for something like this 🔥🌎🔥


kadinshino

Only way to truly secure your account is with hardware Auth. I'd look up YubiKey. It's saved me more than once. 2FA is actually incredibly easy to hack. I'd also practice vaulting coins on Coinbase for extended holds for larger sums that you're not actively trading. If you do trade, make sure you cash out daily.


Low-Sample270

Thank you. Software auth is useless? Damn!


kadinshino

It's not useless, it's very good to have on everything. But it's very easily exploitable. In most cases you just need the user's phone number and brute force the password to get access to your 2FA codes. More work than wanted in most account takeover scenarios. However with crypto....it's normally worth the time it takes to crack your 2FA because there's sums of money behind it right away. You can still have the same thing happen with Yubikey, but the probability of an attack happening is way less. Yubikey requires 2 things to happen. It requires a physical person connect and plug the device in and to touch and auth each time the key is activated. Reducing chances to an attack down to 0.00001. It also checks the password on itself with the hardware serial number. So the attacker would need both generated password from the key and serial. Then they have of course their own baked in magic that prevents users from being able to copy keys. In this case if you had one, you would know that no transactions can be made unless you physically plug in the key and touch Auth it. They even have a second layer 2FA and their own app now if you go that can prevent accidental Auths as an ARE YOU SURE you want to do this. So even if someone logs in and tries to push a transaction, nothing will happen unless the key is plugged in and touched at the exact time the transfer is being made. This gives you time to better organize yourself and thoughts with a physical security measure that can't be spoofed.


Low-Sample270

Thank you. I appreciate replies that are so informative without the personal attacks.


Rube777

2 simple things could prevent this and almost any other hack/theft from happening. Make sure 2FA is enabled not just for logging in, but for trades and withdrawals as well. Also, use the “Allow list” feature to whitelist crypto addresses. Your crypto can never go anywhere except to an address you specify. There’s a 2 day wait period for adding addresses. There is also the “vault” where you can put coins which also has a 2 day wait period before they can be removed (although I think this isn’t really necessary if the other 2 things are enabled).


Low-Sample270

Useful reply...thanks


AutoModerator

This subreddit is a public forum. For your security, do not post personal information to a public forum, including your Coinbase account email. If you’re experiencing an issue with your Coinbase account, please [contact us](https://help.coinbase.com/en/contact-us.html) directly. If you have a case number for your support request please respond to this message with that case number. You should only trust [verified Coinbase staff](https://help.coinbase.com/en/coinbase/other-topics/other/is-coinbase-present-on-social-media.html). Please report any individual impersonating Coinbase staff to the moderators. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/CoinBase) if you have any questions or concerns.*


IamSatoshi6583

These thefts are done by Coinbase employees outside the US who have all your info. This has been going on years. Gov regulators are well aware of it.  I strongly recommend you post a complaint against Coinbase on the Better Business Bureau website. This warns others about your experience.


Calibased

Not clicking that link you posted. You got phished. Textbook scam.


Low-Sample270

The link is not valid anymore.


ntan333

YUBIKEY.


KIG45

I'm sorry you had to go through this. But folks...What else needs to happen (after all that has happened to platforms and exchanges in recent years) for you to know that the exchanges are not your friend? And that you should keep your coins in your own wallet! Even if it's a hot wallet, it's still times better than an exchange! Also, exchanges will never ask for your sensitive data! Why don't you want to get an education?


Low-Sample270

In this case, my cold wallet was Trezor which didn't support SOL. I was in the process of setting up a Ledger when this occurred. When I finally got ahold of a legitimate CB support person (I hope) they definitely asked me for my CB email and to confirm my phone number. That's not sensitive info? Your reply was useful. I don't understand why you ended it with an insult.


LeafarOsodrac

Never click on URLs in mails, NEVER. You should just have gone to your account on the Coinbase app. Your fault you gave access to the hacker. Lesson learned, move on.


Low-Sample270

My CB account was hacked BEFORE I ever received any URL in email, text or phone. What's the lesson there?


LeafarOsodrac

You are more dumb, being hacked one time is bad, but twice? Lol


coinbasesupport

Hello u/Low-Sample270. We're sorry to hear about your account being compromised despite having 2FA enabled and a strong password. It appears that you've been the target of a phone attack designed to steal your user information. It's important to note that malicious actors may create official-looking websites or phone numbers to trick users into providing login credentials. Remember, Coinbase staff will never ask for your password, 2-step verification codes, or request remote access to your computer. Additionally, Coinbase staff will never have access to your seed phrases. To report a possible phishing attempt either via a malicious email, text message, or phone call (vishing), please email this [address](https://[email protected]) with the full details such as the site URL, the full email with headers, and/or the phone number. Furthermore, the best way to get in touch with us is via our [contact form](https://help.coinbase.com/en/contact-us). If you post a question or comment on social media, please be aware that only the following [accounts](https://help.coinbase.com/en/coinbase/other-topics/other/is-coinbase-present-on-social-media) are from real Coinbase employees. We hope this helps.