Coinbase phishing email warning

The scam uses a convincing email and login page
Tali Ramsey

An email titled 'Your Account Temporarily Restricted’ impersonates Coinbase and is a sneaky attempt to steal customer login details.

Coinbase is a cryptocurrency exchange company. It is a platform for buying, selling, transferring and storing crypto, a digital currency.

Scammers are always seeking new tactics to steal data and cash through phishing emails. Action Fraud reported that since 2020, more than 41m phishing attempts had been reported to the Suspicious Email Reporting Service. 

Read on to find out how this Coinbase email scam works.

Sign up for scam alerts

Our emails will alert you to scams doing the rounds, and provide practical advice to keep you one step ahead of fraudsters.

Sign up for scam alerts
Sign up

Coinbase scam email

The email claims that the identity documents you’ve provided, such as your ID and proof of address, don’t match the account you selected on Coinbase.

It also tells you that to restore access to your account, you need to follow the link included in the email and upload an identity document, such as your passport, driver’s licence or utility bill.

The email concludes by saying that once Coinbase has received and verified your documents, you’ll receive an email confirming that your account has been restored.

Which? analysed the link included in the scam email. We found that the link includes redirects to a page that looks like Coinbase’s login – however, it's actually asking you to allow a third-party app to access your Coinbase account without needing your password. By entering your Coinbase email address, the fraudster behind the scam will gain access to your account.

A dodgy website asking for you to verify that you're human to log in to Coinbase
A dodgy website asking for you to verify that you're human to log in to Coinbase

If you've fallen for this scam, change your Coinbase password immediately.

We shared the scam with Coinbase, and it said: ‘As the most trusted crypto exchange, Coinbase is deeply committed to our customers’ safety. Coinbase's dedicated security team works around the clock to monitor and mitigate threats, ensuring the highest level of protection for our customers.

'Additionally, we proactively alert users about potential phishing campaigns and collaborate with cybersecurity organisations to enhance our defences.

'Even though we work tirelessly to protect our customers, scammers use many tactics to socially engineer crypto users into giving up their personal information.

'It is crucial that users know that Coinbase will never contact you asking for your seed phrases, passwords, 2-step verification codes, remote access to your device or ask to transfer your funds into a new wallet for security reasons.’

Spotting and reporting scam emails

One giveaway that this email has been sent by a fraudster is that it’s sent from a random email address that is not associated with Coinbase.

Coinbase said that official email addresses end in @mail.coinbase.com, @coinbase.com, @updates.coinbase.com and @info.coinbase.com.

The links in the email to the ‘privacy policy’, ‘terms of service’, and ‘support centre’ also don’t work.

If you receive a suspicious email that you’re unsure of, take these steps:

  • Check the sender's email address to see who it's really from.
  • Analyse the branding, and look for poor spelling and grammar.
  • Hover over the link in the email body and the links at the bottom to see where they lead.
  • See if the email asks for personal information or bank details or tries to rush you into making a decision.
  • If you have an account with the company the email claims to be sent from, log in to your account with that company to see if the details in the message are genuine.

Scam emails can be reported by forwarding them to report@phishing.gov.uk.

If you've fallen victim to a text scam, you can report it to Action Fraud or the police if you live in Scotland.

More on this

Related articles