October 7, 2021 — Eric Swotinsky

Phishing campaign claims 6,000+ Coinbase users as victims

Cyber Protect Cloud

Popular cryptocurrency exchange Coinbase has disclosed that at least 6,000 customers fell victim to a phishing campaign earlier this year, resulting in funds being stolen from their accounts.

Attackers obtained the email addresses, passwords, and phone numbers of many Coinbase customers. The company believes this was done through social engineering techniques, such as an email phishing attack. Once logged in, the attackers were able to transfer cryptocurrency holdings out of the accounts.

While Coinbase requires two-factor authentication, accounts that relied on SMS for that verification were vulnerable due to a flaw in the account recovery process. The flaw has since been patched, but the fix came too late for victims of this campaign.

Coinbase has chosen to reimburse affected users, but most victims of phishing aren't so fortunate. Acronis Cyber Protect Cloud with Advanced Email Security uses advanced behavioral heuristics and cutting-edge updates from our Cyber Protection Operation Centers (CPOCs) to scan all emails coming into your inbox, and blocks emails with malicious content or attachments before they even arrive. This keeps your accounts and data safe by removing the risk of interacting with phishing messages.