Coinbase scam losses reached $45 million in just one week, according to prominent blockchain investigator ZachXBT. In a joint effort with analyst Tanuki42, he uncovered a series of coordinated phishing attacks targeting Coinbase users across multiple blockchains.
The report reveals how cybercriminals are exploiting weak points in Coinbase’s identity verification and compliance systems to drain customer funds.
Coinbase Scam Losses Linked to Social Engineering
According to ZachXBT, the majority of Coinbase scam losses stem from social engineering tactics. Attackers impersonate Coinbase support using fake phone numbers and stolen personal information. They convince victims to “confirm suspicious activity” by guiding them through fraudulent procedures.
The scammers send phishing emails that appear to come from Coinbase, complete with forged IDs and domain names. Victims are instructed to transfer funds to their own Coinbase wallet and whitelist specific addresses. In reality, these addresses are controlled by the hackers.
Once whitelisted, attackers gain full access to the user’s crypto assets.
ZachXBT: Coinbase Fails to Act on Known Threats
The situation escalated as ZachXBT pointed out that Coinbase failed to block wallet addresses even weeks after they had been reported. Many of these addresses are tied to known phishing campaigns.
He criticized Coinbase for not disclosing these vulnerabilities or issuing public warnings. “Even after users reported the scams, Coinbase didn’t disable the attacker wallets. That’s unacceptable,” he wrote.
This raises serious concerns about the platform’s internal security measures and responsiveness to threats.
Attackers Exploit Verification Weaknesses
The researchers discovered that attackers bypass Coinbase’s Know Your Customer (KYC) and compliance checks. They used leaked personal data and social engineering to pass security questions, tricking users into handing over control of their accounts.
Some cases involved deepfake phone calls and cloned emails. In many instances, victims didn’t realize they were being targeted until after their wallets were emptied.
These flaws allowed scammers to execute well-planned fraud on a large scale, contributing to massive Coinbase scam losses.
Blockchain Traces Reveal Organized Theft
ZachXBT and Tanuki42 traced the stolen funds across Ethereum, Bitcoin, and other chains. Many transactions moved through mixers or privacy-focused services to obscure the flow.
Despite being aware of the scam-related addresses, Coinbase didn’t add them to internal blacklists or issue on-chain warnings. This has allowed hackers to continue using the same wallets across multiple scams.
Analysts say this reflects a lack of proactive monitoring by the exchange — a risk for any platform handling large volumes of user funds.
Coinbase Faces Security Backlash
As Coinbase scam losses increase, user trust is declining. Critics argue that the company should provide real-time phishing alerts, implement stricter address verification, and publish blacklists of compromised wallets.
Meanwhile, no official statement has been issued by Coinbase. The silence, ZachXBT says, only adds to the frustration of affected users who lost millions through no fault of their own.
Until Coinbase strengthens its response protocols and transparency, these attacks are likely to continue.
