When Your Crypto Wallet Turns into a Swindle Circus: $300M Lost and Counting!

Well now, if social engineering scams were a river, Coinbase users have been takin’ quite the swim and losing some mighty fine coin all through the first quarter of 2025. A sharp feller named ZachXBT done dug up the dirt and counted over $100 million vanished since the tail end of 2024—why, the whole year’s tally just keeps paddling on to $300 million!

BeInCrypto wrangled up a sit-down with Coinbase’s top security wrangler, Jeff Lunglhofer, to gab about why folks fall for these tricks, how the scams unfold, and what they’re doing to try and stomp the varmints out.

How Deep’s This Scamming Quagmire?

Yessir, many a Coinbase user has been pickin’ up splinters from social engineering scams in 2025. It ain’t shocking neither, seeing as Coinbase is the big barn in the crypto corral, and those hackers sure know how to sharpen their knives.

ZachXBT found himself rustling through complaints from all corners of the internet prairie, with folks hollerin’ about surprise account lockouts and dollar bills walkin’ right out the door.

1/ Folks on X been whining their accounts got snarled up ‘cause Coinbase’s risk watchdogs are about as gentle as a mule kick, yet they can’t seem to stop $300 million a year sneaking off to those clever social engineers.
— ZachXBT (@zachxbt) February 3, 2025

On the 28th o’ March, Zach disclosed a corker of an exploit that left one poor soul about $35 million poorer, with others caught in the same tangled web, summing up to over $46 million vanished just that month.

Earlier on, from December to January, $65 million was shown up missing, like socks in a tumble dryer, all thanks to these scams. Coinbase’s got itself a $300 million headache from social engineering alone.

This ain’t just Coinbase’s rodeo—centralized exchanges all over have taken a beating from these ghosts of the internet.

What In The Wide, Wild World Does The Bigger Picture Look Like?

Public numbers on these scams are as thin as grits, but what’s got on record is enough to make your hair curl. The FBI’s 2023 Internet Crime Complaint Center released a tale showing almost half the crypto complaints were about investment fraud—yessiree, 33,000 stories of woe.

They call it “pig butchering” because these scammers fatten you up with sweet talk ’bout easy riches, then chop and run. They ply their trade on social media, dating apps, professional sites, and secret messages—like snakes at a garden party.

These cons scooped nearly $4 billion in 2023 alone, up by half a billion from the year before. Little side scams like phishing added another $9.6 million to the haul.

Coinbase users? Well, they’ve been bitten more times than a mosquito at a summer picnic.

Newfangled Tricks for Suckers: How Coinbase Folks Get Fleeced

The crooks spin fake emails so real-looking you’d swear they came from the very oracle of Coinbase itself, complete with forged Case IDs. Then they ring up their prey on spoofed phones, armed with personal nuggets swiped from dark corners of the net, butterin’ them up real good.

Once the trust is cooked, it’s just a hop, skip, and a jump to having the poor soul hand over the keys to their treasure chest.

These scams have gotten so slick you’d think they took lessons from the best snake oil salesmen of old. And as ZachXBT’s digging shows, there’s a yawning gap between the scam’s ravages and Coinbase’s ability to wrangle ’em.

Folks freeze in panic when their funds play hide ‘n’ seek, while Coinbase’s warnings about suspicious addresses have been about as visible as a ghost at high noon.

How On Earth Do These Things Happen?

Take January’s case, where a poor feller lost $850,000. The scammer called from a fake number, brandishing personal details like a badge to convince him it was all on the up and up.

5/ Next came the spoofed email, with a fake Case ID that’d fool a blind man. They told the victim to shuttle funds to a Coinbase Wallet and whitelist an address while “support” double-checked his account security.
— ZachXBT (@zachxbt) February 3, 2025

The scammer spun a yarn ’bout unauthorized login attempts and had the poor soul shuffle coins to another wallet “for safety.”

Last October, another victim parted with $6.5 million after a call from a scoundrel pretending to be Coinbase support. Before that, another $4 million floated away when a user was roped into resetting their login.

ZachXBT’s feathers got ruffled over Coinbase’s quiet habit of not shouting theft addresses from the rooftops, making it harder to keep the bad guys in check.

BeInCrypto got a word from Jeff Lunglhofer, Coinbase’s big security boss, who gave his two cents on the hullabaloo.

Coinbase CISO Speaks Up: It Takes a Village, Folks

Jeff says, while Coinbase knows the mess well, this ain’t a one-horse show. The whole crypto corral needs to pitch in.

“Sure, Coinbase folks get hit. We’re on it with new tricks to keep our users safe. More importantly, we’re teaming up with others to spread these tactics far and wide across the crypto world,” said Lunglhofer.

He also tipped the hat to “Tech Against Scams,” a posse with heavy hitters like Match Group, Meta, Kraken, Ripple, and Gemini aiming to chase these varmints off the range.

Why Coinbase Keeps Its Own List of Bad Actors

Ask ’em why they don’t fling these crook addresses on public noticeboards, and Jeff says they prefer whisperin’ directly to other exchanges, sharing info quietly like secret handshakes.

“We let other exchanges know where we see the bad apples withdrawing assets. Then we corral those wallets and share the roundup with trusted partners,” he explained.

He also mentioned Crypto ISAC, a club Coinbase helped form for sharing scam intelligence.

And when it comes to spoofed calls and emails, Coinbase hires sheriffs from outside to chase down the troublemakers—they don’t do all the policing themselves.

The Spoofed Email Stampede

Jeff admits spoofed emails come faster than prairie dogs at a picnic, and trying to shoot ‘em all down is near impossible.

“They’re a dime a dozen. I can open ten of ’em quicker than you can say ‘Jack Robinson.’ We do what we can, and when customers holler, we get ‘em taken down.”

Using hired guns, Coinbase takes down fraudulent websites and pesky spoof numbers as fast as the law will let ’em.

“We work with DNS providers and others to boot these off the internet lickety-split,” said Lunglhofer.

Though handy for the future, this don’t bring back millions already lost to slick silver tongues.

The Blame Game: Who’s Got It?

When asked about insurance for users caught in these scams, Coinbase took a vow of silence, leaving folks to guess at what comes next.

See, social engineering dances on the edge of trickery and trust, pulling at a person’s heartstrings till they hand over the treasure. Makes you wonder if the fault lies more with the poor sod who got played or a system not watchin’ close enough.

The crypto crowd mostly agrees that teaching folks how to spot these snake oil salesmen would go a long way.

Jeff mentioned Coinbase never calls you uninvited, and they’ve got a “scam quiz” pop-up to give you a nudge if your brain’s about to hand over the keys to the bandits.

But how well that scam quiz works is as clear as mud, especially since Coinbase keeps mum about the number of scams flagged internally.

Same goes for their “allow lists.”

The $850,000 Wallet Whoop-Dee-Do

Coinbase lets users make safelists to keep their coin from wandering off to shady addresses. Jeff swears by it: on his own account, he only allows three wallets for transfers.

“I keep ‘allow listing’ on tighter than Aunt Martha’s corset, with just three wallets permitted,” he bragged.

But even that didn’t save the poor feller who lost $850,000—because sometimes the crooks are slick enough to get themselves on that safelist, too.

Is There Hope for the Hapless User?

These sly social engineer scams are growing like weeds, and Coinbase users along with their kin in the centralized exchange world get the brunt of it.

Despite Coinbase’s fancy footwork, the big piles of lost cash show the limits of today’s tricks.

Yes, it takes a village, but Coinbase, being the big cheese, ought to take the lead in schooling folks and putting more muscle into protecting wallets.

At the end of the day, social engineering is mostly a battle waged on the user’s turf, not exactly a failing of the exchange’s fortress.

Still, platforms like Coinbase have their hat in this ring to rally the industry and tame this wild stallion of scams.

Those millions flying out the door are a loud and clear signal: keep your wits sharp and work together or risk getting fleeced like a woolly lamb at market day. 🤠💸

Secure your internet browsing with a NordVPN subscription. [Learn more](https://pollinations.ai/redirect/432264)

2025-04-26 15:08

Legendary Australian rock band The Angels announce national tour with new singer – after Dave Gleeson left the band to focus on his radio career

Best Settings for Stellar Blade – RTX 4080

How Toothless evolved for the new ‘How to Train Your Dragon’: ‘We wanted him to feel like a big pet’

Louie Spence: ‘My mum had three kids by age 19 and was a cleaner on our council estate. She didn’t care about my global stardom alongside Tina Turner and The Spice Girls’

Curtis Pritchard gives an update on his love life following his shock split from Ekin-Su Culculoglu

Must see: This “shockingly gory” dark revenge thriller is now available on Netflix

Mobile Legends: Bang Bang Mystic Meow Skins: How to get all three skins for free in MLBB

6 Major Marvel Characters Set to Join the Exciting WandaVision Sequel!

Love Island’s Arabella Chi admits her boyfriend Billy Henty has a ‘new level of respect’ for her after 16 hour labour during birth of their first child