A surge in phishing emails is hitting crypto users, with scammers posing as Coinbase and Gemini to steal funds.
Aqua Ad Server Asynchronous JS Tag – Generated with Revive Adserver v5.5.2
These fraudulent messages instruct recipients to create self-custodial wallets using pre-generated recovery phrases—allowing attackers to seize control once assets are deposited.
Some victims have shared screenshots of emails allegedly from Coinbase, warning them of a class-action lawsuit and urging them to switch to a new wallet before an April 1 deadline. The email provides a real download link for Coinbase Wallet but tricks users into using a compromised recovery phrase. Gemini users have reported nearly identical scams, with emails falsely citing a court ruling as the reason for the wallet migration.
Aqua Ad Server Asynchronous JS Tag – Generated with Revive Adserver v5.5.2
Both exchanges have denied any connection to these emails. Coinbase has reminded users it never provides recovery phrases, while Gemini has yet to issue a formal statement.
READ MORE:
Bitcoin Could Plunge Over 75%, Warns Economist Peter Schiff
The phishing campaign follows the SEC’s recent decision to drop lawsuits against both platforms, a fact scammers are exploiting to make their messages seem legitimate. Meanwhile, blockchain security firm CertiK has warned that phishing remains the biggest cybersecurity threat in crypto, accounting for over $1 billion in losses across nearly 300 incidents last year.
Beyond email scams, hackers are also targeting crypto executives directly. Reports indicate that at least three company founders recently thwarted attempts by North Korean hackers posing as potential partners. The attackers invited them to Zoom meetings, then sent fake links disguised as audio fixes, which were actually malware-laden traps.
Coinzilla Banner 300×250
Aleksander Stefanov
