Coinbase Users Targeted in $46M Phishing Scam Wave
Coinbase users have reportedly lost more than $46 million to phishing scams in March 2025, as rising cryptocurrency prices continue to attract cybercriminals.
Blockchain investigator ZachXBT revealed that a series of sophisticated phishing attacks have targeted wallets linked to the US exchange in recent weeks. These scams typically involve techniques like address poisoning and wallet spoofing, where scammers create fraudulent wallet addresses that closely mimic legitimate ones, tricking victims into transferring their crypto assets.
Also read: Is Coinbase Safe? Everything You Need To Know
In a Telegram post on March 28, ZachXBT disclosed a significant incident in which 400 Bitcoin — valued at approximately $34.9 million — was stolen from a single wallet linked to the exchange. Further investigation uncovered multiple similar incidents this month, bringing the total estimated losses to over $46 million.
Coinbase Responds, Urges Users to Stay Vigilant
Jaclyn Sales, Director of Communications at the exchange, confirmed that the company is investigating the reported thefts. She reiterated that the company will never contact users to request login credentials, API keys, two-factor authentication codes, or fund transfers. Any such request, she stressed, is fraudulent and should be ignored.
Scammers often impersonate reputable brands to gain victims’ trust. According to a June 2024 report, Meta was targeted by scammers over 25 times more frequently than Coinbase, which remains one of the most impersonated companies in the crypto industry.
Also read: Top Coinbase Competitors: Best Exchanges To Consider
To enhance security, Coinbase advises users to:
- Use a separate email address exclusively for crypto transactions.
- Enable two-factor authentication (2FA).
- Set up an address allowlist to restrict withdrawals to approved addresses.
- Utilize Coinbase Vault for additional security layers.
Phishing Losses Continue to Rise
This is not the first time the exchange users have been targeted. Between December 2024 and January 2025, ZachXBT reported that over $65 million in “high-confidence” phishing-related thefts were linked to Coinbase wallets. He noted that the actual figure is likely higher, as unreported cases and internal support data were not factored into the estimate.
2/ Myself and @tanuki42_ spent time reviewing Coinbase withdrawals and gathering data from my DMs for high confidence thefts on various chains.
— ZachXBT (@zachxbt) February 3, 2025
Below is a table we created which shows $65M stolen from Coinbase users in Dec 2024 – Jan 2025.
Our number is likely much lower than… pic.twitter.com/ZceQ5AggYU
One particularly damaging phishing tactic is known as “pig butchering,” where scammers manipulate victims over time to build trust before convincing them to transfer crypto assets to fraudulent addresses. According to blockchain security firm Cyvers, these schemes cost Ethereum investors over $5.5 billion in 2024 across 200,000 documented incidents.
Also read: Did Coinbase Mislead Investors? Lawsuit Alleges Hidden Bankruptcy Risks
As phishing scams grow more sophisticated, crypto investors are urged to remain vigilant. Always verify wallet addresses, scrutinize unsolicited communication, and never share sensitive information with unknown parties.
