Coinbase is facing a growing crisis as social engineering fraud drains tens of millions of dollars from its customers.
Security analyst ZachXBT has revealed worrying statistics showing how $45 million was stolen from Coinbase users through deceptive strategies in the last week alone.
10/ So where does the blame lie?
- ZachXBT (@zachxbt) February 3, 2025
a) For the vast majority of the time these theft addresses are not being reported at all by Coinbase in popular compliance tools even after the thefts went on for weeks.
b) Multiple victims who have contacted me get stuck with useless customer... pic.twitter.com/ssYL2wN5iO
ZachXBT's analysis shows that the 45 million represents the latest financial loss for Coinbase users due to advanced social engineering attacks. The on-chain investigator believes Coinbase is facing a more serious version of this problem than other cryptocurrency exchanges.
"In recent months I have reported nine-figure thefts from Coinbase users through similar social engineering scams. Curiously, no other major exchange has the same problem," ZachXBT stated in a post on Telegram.
Coinbase did not respond to Cointelegraph's questions at the time of publication, while ZachXBT's findings point to serious security weaknesses on the platform.
From analysis of recent fraudulent activity and historical data, ZachXBT estimates that Coinbase customers lose approximately $330 million each year to social engineering scams. The high number shows how much these cyber criminals adapt their techniques to steal cryptocurrencies from their owners.
Crypto users have long faced social engineering scams. A July 2024 report revealed that impostors posing as Coinbase support stole $1.7 million from a single user, demonstrating the effectiveness of these deceptive practices.
The FBI issues an alert against crypto scams
The United States Federal Bureau of Investigation (FBI) has expressed concern about the rise of these deceptive practices. The FBI alerted the public in August 2024 about scammers posing as representatives of crypto exchanges to steal funds and sensitive information from users.
The alert expanded in September 2024 to include fraudulent job offers that trick crypto users into downloading malicious software. Hacker groups affiliated with the North Korean state have conducted these advanced attacks by hiding malicious software within job applications, employment tests and investment schemes.
Crypto users have experienced an increase in scam emails impersonating cryptocurrency exchanges in March 2025, directing them to transfer their funds to fraudulent external wallets.
The increasing diversity and complexity of these social engineering scams are leading to calls for stronger defensive actions. Phillip Martin, chief security officer of Coinbase, has already called for a unified framework to simplify the reporting of scams, so that the industry can identify and combat these malicious activities more effectively.
ZachXBT's new information is likely to intensify calls for more robust security measures and increased user awareness to reduce the considerable losses suffered by Coinbase's customers.