Blockchain investigator ZachXBT discovered that a Canadian national used social media to impersonate Coinbase employees and defraud users, stealing $2 million worth of cryptocurrency over the past year.
A sophisticated scam targeting users of the Coinbase cryptocurrency exchange has been uncovered, with estimated losses totaling $2 million. Renowned blockchain investigator ZachXBT published the results of his investigation earlier this week, identifying the suspect through analysis of wallet transaction data, Telegram chat history, and social media posts.
The Canadian suspect is accused of employing social engineering tactics by impersonating Coinbase customer support staff. Through phone calls and text messages, the scammer built trust with victims, making them believe they were being assisted by official representatives of the exchange. ZachXBT publicly released a leaked video showing the suspect making a scam call, inadvertently revealing his email address, Telegram account, and personal phone number.
After successfully stealing a large sum of money, the suspect used the ill-gotten gains for a lavish lifestyle. The money was spent on purchasing rare social media usernames, using VIP services at nightclubs, and gambling. Notably, despite attempting to cover his tracks by frequently changing his Telegram usernames and deleting old accounts, the suspect continuously flaunted his extravagant lifestyle on social media with story posts and selfies, completely disregarding the security of his personal information.
Security lessons for the cryptocurrency community.
This incident once again highlights the importance of raising cybersecurity awareness within the cryptocurrency community, especially among new users. Experts advise users to be cautious of any unwanted contact, no matter how legitimate it may seem. The basic principle is never to Chia recovery phrases, login information, or perform transactions in response to unexpected calls.
Users should proactively contact customer support through verified official channels on the website or app, rather than trusting links or phone numbers sent via email or text message. Using different passwords for each service and storing large amounts of assets in hardware wallets instead of on exchanges are also effective preventative measures.
In particular, official support staff will never redirect the conversation to social media apps like Telegram, a crucial warning sign that users need to Mnemonics.
