A new ransomware attack is spreading through malicious Microsoft Office attachments.
A new ransomware attack is spreading through malicious Microsoft Office attachments.

Cybersecurity experts have uncovered a phishing site that tricks Coinbase users by pretending they are from the customer support of one of the largest cryptocurrency exchange platforms.

Blockchain security and data analytics company PeckShield detected the phishing site victimizing unsuspecting users. "Scammers pretend to be Coinbase customer support staff and lure users into copying the phishing site in your Coinbase Wallet App, giving approval to the scam address, and stealing money," Peckshield revealed, exposing the "https://ethswap[.]site as a phishing site."

The blockchain security company also revealed that at least 38 people have been scammed using the said modus operandi and have lost approximately $86,700. Phishing scams typically involve misleading users into revealing sensitive details such as private keys and passwords.

Phishing warning

Photo: Christiaan Colen/Flickr

Peckshield advised cryptocurrency holders to "never send cryptocurrency to external addresses on behalf of alleged support agents" and always add extensions that would help detect phishing sites.

In April last year, a Coinbase user was scammed of 200 Bitcoins, which was around $12 million at that time. The user said that a notification alerting them that their account had been locked popped up after they bought 200 Bitcoins.

The notification appeared to have been from Coinbase, but it was actually part of an elaborate fraud scheme. Worried that their account was locked, the user called the number given in the notification. The scammer immediately changed the user's account and maneuvered the transfer of much of the crypto to their account.

Coinbase is aware of these crypto scams and has created a dedicated page that provides information to users on how to avoid falling prey to these acts. Coinbase warned users to "Never give support staff (or anyone else for that matter) remote access to your machine. This effectively gives the scammer full access to your computer, online financial accounts, and digital life."

It also said that users should "Never give out your 2FA (2-Factor Authentication) security codes or passwords. Coinbase staff will never ask you to share sensitive authentication credentials. Moreover, users must "Never accept outbound calls asking for your confidential personal information. Be aware that scammers can spoof legitimate phone numbers when conducting outbound calls."