Cryptocurrency platform Coinbase has been recently suffering from phishing campaigns with users being vulnerable to data and crypto-asset theft attacks from malicious actors, according to research conducted by Bitdefender Antispam lab.

When the research was brought forward, it was observed that since mid-February, over 25,000 Coinbase users have been targeted with  the following statistics depicting the distribution of the phishing campaign in percentage:

  • India- 69%
  • Brazil-13.73%
  • USA-10%
  • Japan-2.33%

The Coinbase users who were targeted and impacted in the phishing campaign were compromised in an attempt to steal their credentials and poach the crypto assets associated with the accounts which could be now accessed by malicious actors.

Users from countries like South Korea, Sweden, Ireland, Japan, the United States, as well as Great Britain, and Canada have been reportedly impacted by the large-scale Coinbase phishing campaign.

Threat actors actively exploit endpoints or victims by sending notifications alerting them of suspicious activity being detected on their accounts and which requires prompt verification from users who wish to regain access to the platform.

This leads to the threat actors making victims access malicious URLs forwarded in the phishing campaign. Users, thinking that the link is a legitimate one, register their authentic credentials comprising of usernames and passwords.

The notification that supposedly alerts victims goes as the aforementioned detection of unusual or suspicious activity on the users’ Coinbase accounts. Users are threatened by getting notified about account suspension from the Coinbase platform if the identity verification process is not followed to regain account access.

Coinbase-a fleeting yet emphasizing example:

With the rising popularity of cryptocurrency platforms like Coinbase and many others, especially Bitcoin, 2020 has seen a rather exponential increase in the number of cryptocurrency compromise and exploitation incidents, with malicious actors seeking quick earning using such phishing campaigns and malware.

As usual, Coinbase users are recommended to change their current passwords and other related credentials to mitigate any kinds of cyber-risks. 

Phishing attacks are one of the most widely implemented cyber crimes with individuals as well as major corporations and organizations falling prey to them. 

Users, in general, should be careful to not entertain any kinds of suspicious-looking emails that do not guarantee authenticity often observed to be coming up in the forms of the aforementioned scenarios as well as the ones that promise financial or lucrative advantages.