Clients of a major crypto exchange, Coinbase, are still reportedly losing tens of millions of USD worth of cryptoassets per week to social engineering scams, with total losses already in the nine-figure zone.
This time, popular blockchain investigator ZachXBT, who cooperates with another investigator, tanuki42, claims that "another $45M+ was stolen from Coinbase users via social engineering scams in just the last week."
He also shared 10 theft addresses, eight of which are bitcoin (BTC) addresses.
"Over the past few months I have reported on nine figures stolen from Coinbase users via similar social engineering scams. Interestingly no other major exchange has the same problem," ZachXBT noted in a post in his Telegram channel.
Although the investigators started raising the alarm about the Coinbase problem back in February this year, the company still hasn't responded to these claims. We've contacted Coinbase for comment and will update the article once they respond.
As reported by Cybernews, investigators previously claimed that Coinbase users are losing more than $300 million to social engineering scams per year, with at least $65 million stolen in December 2024 and January 2025 alone. Alleged losses in March surpassed $40 million.
Previously, ZachXBT explained that the social engineering scheme begins with a phone call from a spoofed phone number - it's important to remember that Coinbase doesn’t call its users. This call is followed by a spoofed email tricking users into transferring funds to a scammer's wallet.
The investigator also claimed that, in the vast majority of cases, Coinbase doesn’t report theft addresses in popular compliance tools at all, even after the thefts have gone on for weeks, while users struggle to get help from the company.
Previously, ZachXBT accused the company’s leadership of enabling this situation and urged them to take measures to prevent further thefts, such as making phone numbers optional for advanced users with an Authenticator app, improving communication, and other actions.
He also suggested introducing a beginner and elderly user account type that doesn’t allow withdrawals.
Your email address will not be published. Required fields are markedmarked