Recent investigations led by on-chain expert ZachXBT have unveiled staggering statistics regarding the financial losses experienced by Coinbase users, amounting to over $300 million annually due to social engineering scams. This startling figure gains gravity when viewed through the lens of user testimonials flooding social media, where numerous Coinbase patrons describe sudden account restrictions—compounding concerns regarding the platform’s safety measures. The crux of the problem appears to stem from Coinbase’s overly aggressive risk models that, while aiming to secure user accounts, inadvertently expose them to sophisticated scams.
After collaborating with researcher Tanuki42, ZachXBT’s study meticulously analyzed transaction patterns and communications from victims. Their findings indicated that a rough estimate of $65 million was pilfered from Coinbase users between December 2024 and January 2025 alone. However, this figure may only scratch the surface, as it doesn’t encompass the multitude of support tickets or reports filed with law enforcement. The investigation flagged cases as severe as one victim losing approximately $850,000, with the stolen funds later connected to a consolidation address implicated in further fraud against a group of over 25 victims.
Social engineering scams commonly involve manipulative tactics in which attackers gain the trust of their victims through fraudulent communication. Typically, a scammer will pose as an authority figure, claiming that a victim’s Coinbase account has experienced unauthorized access attempts. Deceptive emails that mimic official Coinbase communication often follow, replete with false case identifiers urging users to act quickly by transferring funds to a sham Coinbase Wallet. Innovatively-designed phishing sites serve as another tool to ensnare unwitting users, deceiving them into providing sensitive information.
The lengthening reach of these scams can be traced to two predominant groups: an organized faction named ‘The Com,’ alongside operatives primarily based in India who have specifically targeted American clientele. With these actors infiltrating the system, they exploit both human emotions and technological vulnerabilities to create a high-stakes game that leaves users vulnerable to irreversible financial loss.
ZachXBT further identified glaring inconsistencies within Coinbase’s security protocols. For instance, while Coinbase staff discourage the use of Virtual Private Networks (VPNs) on the platform to avoid triggering suspicion, scammers strategically block VPN access on phishing sites, making it harder for victims to discern fraud. The findings mimic a broader trend suggesting that between 2023 and 2024, social engineering scams led to a staggering $4.6 billion theft from unsuspecting individuals.
A litany of unreported security breaches deepen concerns about Coinbase’s operational transparency. These incidents included severe vulnerabilities, such as the exploitation of old API keys and systemic flaws allowing verification codes to reach any email address. Additionally, it was reported that a staggering $15.9 million was illicitly withdrawn from Coinbase Commerce in 2023. Alarmingly, even after weeks of theft, these incidents regularly evade detection by compliance tools, revealing fundamental weaknesses in security protocols.
Interestingly, competing exchanges—such as Kraken, OKX, and Binance—have reportedly evaded similar issues, raising pressing questions about Coinbase’s approach to cybersecurity. Victims striving to recover lost funds frequently encounter roadblocks in reaching effective customer support, further catalyzing distrust in the platform. This increasing pressure on Coinbase to refine its security measures and improve user protection cannot be overstated, especially given the reported losses reaching tens of millions each month.
To address these cumulative concerns, ZachXBT has recommended several actionable strategies for Coinbase to adopt. These include making verification processes more rigorous yet user-friendly by allowing advanced users to forgo phone number necessities favoring authentication apps. The introduction of specialized accounts for beginner or elderly users could mitigate risks by enforcing withdrawal restrictions alongside enhanced customer service lines.
Moreover, bolstering community engagement through informative resources on fund recovery, establishing full-time incident response teams, and proactively mitigating phishing threats could foster a more secure user environment. While the report acknowledged some strengths of Coinbase—including reliable on/off-ramps for stablecoins, the developmental strides made with its Base blockchain, and resistance against regulatory pressures—greater strides are needed to combat ongoing financial threats.
As Coinbase grapples with rising scams and user discontent, implementing comprehensive security reforms will be crucial. To maintain its position as a trusted exchange, Coinbase must prioritize user safety, honing its systems against the sophisticated tactics wielded by contemporary cybercriminals. The challenge remains steep, but the necessity for enhanced protective measures is undeniable.