Famous cryptocurrency trader Jacob Canfield recently admitted on Twitter that he had been the target of a sophisticated scam involving the exchange Coinbase. Canfield claimed to have fallen victim to the fraud, which he called one of the “most sophisticated scams” he has ever seen in the cryptosphere.
According to Canfield’s tweets, the scam starts when the victim receives a text message informing them that their Coinbase two-factor authentication (2FA) has changed. The victim then receives three calls from a San Francisco number; the caller, claiming to be from Coinbase’s customer support, asks whether they requested an email and 2FA change and whether they are travelling outside of the US.
The con artist then passes the victim to the “safety” team, which, to avoid a 48-hour suspension, asks for a “verification code” that has been sent to the victim’s personal email address. The con artist’s methods were so deceptive, according to Canfield, that they “sounded extremely American.”
The sophistication of the scam lies in its use of a verification code that appears to be the victim’s exact 2FA and is sent through an email that appears to be from Coinbase. Canfield conjectured that the con artists were either logging into his account or were already signed in and attempting to request a withdrawal while speaking to him on the phone.
Notably, the email from which the malware was sent seemed to come from Amazon’s email provider, suggesting that the scammers may also be using a vanity email address to deceive users. Although Canfield was able to update his Coinbase password and 2FA after realizing it was a scam, he voiced concern that many other people would fall victim to it.
Cryptocurrency researcher zachXBT also responded to Canfield’s tweet, pointing out that a similar fraud targeted another local victim last year. He suggested that the con artists were probably using social engineering, which involves manipulating people into disclosing sensitive information.