in

We got Scammed on Coinbase

On 7-20-2021 at approximately 10:20 am someone ported my phone number over (Metro Pcs Provider) to an unknown device. This took place within 3 weeks of becoming involved in Cryptocurrency with coinbase, and no other exchanges.

As per Coinbases policy, they are supposed to block transfers for up to 48 hours when what happened to me takes place, because they are aware of this Sim Swap Scam problem. They did not and now deny a password reset ever took place on my account, and consider the case resolved. I have proof of the password change and everything else that happened saved in emails received from their company. When I told them this, they stopped replying to me.

My account was accessed from an unknown device, with an unknown IP ( 198.54.130.135 ), from a location (Raleigh) no where near where I live, and all of that minutes after the only password reset that ever took place on that new account.

After they took phone number over they used it to reset my hotmail password (because based on Coinbases’ suggestion I had enabled 2 factor authentication, which is what made this scam possible) and used the hotmail account and phone # they took over to reset my Coinbase password. Once in there, they converted everything I had into Ethereum and transferred it out to this address.

0x477cbB8233E9a3cfB492128B72DEe012a0E0b860.

Something I found strange after investigating this is that the thief took the time to delete all the emails showing this happened and then went to delete folder and removed them. They spent all that precious time **before** trying to access other accounts (like my bank account) as if it was very important to them, even though all that info is also saved on Coinbase. I restored those emails and it wasnt until coinbase denied the password reset I thought again about them. Only thing deleting the action trail would only serve that I can think of is to leave me with no proof that a password change had actually taken place.

$600 of those funds should not have been available until 2 days later, but were still converted and transferred somehow. The thief was very fast and familiar with Coinbase and its policies and only seemed to care about and try to steal my Crypto. This combined with how often this happens to Coinbase customers, especially those who are in the first month of joining coinbase, and add to it the fact they deny a password reset took place and it starts painting an obvious picture that coinbase leaks info or flat out has employees involved in this.

I joined coinbase because of the 25,000 insurance that they mention, but apparently never use to help any of their customers after they lose everything on their site.

What do you think?

10 Points
Upvote Downvote

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

23 Comments

  1. I still don’t understand why people choose to use SMS MFA over app-based MFA when the SIM swap scam is so well known. App-based is SO much more secure, and it’s not like it costs anything. I use my Microsoft Authenticator for ANYTHING that ties into my finances.

    I work in cybersecurity, and app-based MFA is all we’ll allow our clients to use because of how much more secure it is. It really sucks this happened, and I really hope everything works out for you. But please, start using app-based MFA.

  2. In order to get into an account, you need the following:

    1. Account password

    2. 2FA code (assuming this was 2FA SMS and let’s just say it was compromised already)

    3. E-mail to [confirm new device access](https://help.coinbase.com/en/pro/getting-started/authentication-and-verification/device-confirmation-troubleshooting)

    This is probably my 100th time posting this at least, but SIM swapping you and getting your 2FA codes is simply not enough. You need the password. If you don’t have the password, then a password reset could be initiated, but you need email access. And even then there are [security delays to prevent immediate resets from new](https://help.coinbase.com/en/coinbase/managing-my-account/get-back-into-my-account/reset-my-password) devices.

    Bottom line, everyone needs to take digital security SERIOUSLY with crypto.

    1. Use a strong password. If you’re not using a randomly generated unique password, you shouldn’t be on any Crypto exchange. Password manager or bust.

    2. Secure your email account. If your email account is compromised, basically every account (not just Coinbase) is at risk.

    3. Use a strong 2FA method (TOTP or hardware key)

    4. Secure your computer. Virus scan, malware scan, etc. For average people using a mobile device like an up to date iPhone is probably even a better option. It simply just works.

  3. Coinbases paid troll-farm defenders found this post fast. Funny how they are on EVERY single post on reddit regarding coinbases failures to protect its customers against a known scam,.

    Every single one has at least one with the same exact script of attack OP and blame them, make stupid jokes and upvote them with your alt accounts before down voting anything said against coinbase.

  4. I wrote a complaint on BBB, trustpillot and a bunch of other review websites. We need to keep pressing these clowns:

    [https://www.trustpilot.com/submitted/review?correlationid=6246a251-2bae-4e75-b8ea-05e11f169305](https://www.trustpilot.com/submitted/review?correlationid=6246a251-2bae-4e75-b8ea-05e11f169305)

    I lost $960 because of their platform and inability to let me deposit fiat money. They closed my case without a resolution.

  5. Sim Swap requires the sim pin code. On top of that they need the pin on the number if your provider set any for you. Also if your phone provider port a number they send email confirmation. All of that can not happen in short time without you noticing it UNLESS the hacker is within the Coinbase staff because they have everything about you.
    Now I suggest you to get a lawyer involved sending letters to both Coinbase and phone provider to trace some of the crime leftovers. Also you have to Sue Coinbase in small local court. THEY MUST COMPENSATE FOR LEGAL FEES.

  6. You sound like you can follow much of what happened to you. That is good. Many novice crypto investors cannot do that. Plus this is a new, mostly unregulated industry, without rules and no government agencies to enforce rules when scammers around the world are stealing your money. It will take time to get all of these regulations through all of the regulatory agencies around the world. No guarantees about any of this. Yes, I believe you can lose all of your funds, even if no scammers hit you.

  7. That would be great if you could actually find out through Coinbase wtf actually happened for them to disabled your account. An autobot and generic email replies is not customer service. This is a centralized exchange also, I would expect the amount of inept from an decentralized exchange.
    Now the Coinbase mod is no where to be found.
    Like I said before. I’m going after their ceos and people mentioned on their website.
    I will find their social media accounts and start messaging them.
    All I want to know is why my account in not being reactivated from an actual person at Coinbase.

  8. Most do not know what to do after this happens so will post this here to try and help who I can.

    First contact coinbase and open a case. If you dont get resolution fill out the formal complaint form here once you have a case number.

    [https://help.coinbase.com/…/other/how-to-send-a-complaint](https://help.coinbase.com/…/other/how-to-send-a-complaint)

    ​

    That is the step I am at now and will update this thread with results. Here are some companies you can file with that involve either coinbases failure to protect your funds or your cell phone providers failure to protect your phone number. Reply to this post with any others that could help victims of this scam.

    [https://sec.gov/oiea/Complaint.html](https://sec.gov/oiea/Complaint.html)

    ​

    [https://www.ic3.gov/](https://www.ic3.gov/)

    ​

    [https://www.cftc.gov/Forms/index.htm](https://forms.cftc.gov/Forms/Confirmation.aspx)

    ​

    [https://www.ftc.gov/](https://www.ftc.gov/)

    ​

    [https://www.fcc.gov/](https://www.fcc.gov/)

  9. Something, just about exactly the same happened to me 3 months ago. They transferred out 6000$ worth of crypto, that should of been on hold after the changes were made to my accounts. But unlike in your case, they used coinbase to withdraw 2500$ from my bank. (My daily limit)
    Northern how many times I attempt co tactics with then they simply ignore me and never reply. Its been just over 3 months as I’m writing this. Coinbase doesn’t give 2 fuks about its customers . I’ve heard there are a couple of class action lawsuits that are available or becoming available soo, but havnt seen one for myself yet, though I havnt done a search yet. If I do see one I’m signing it for sure.. I even had about 1000$ just sitting in the account as usd and that’s fcc insured.

  10. This subreddit is a public forum. For your security, do not post personal information to a public forum, including your Coinbase account email. If you’re experiencing an issue with your Coinbase account, please [contact us](https://help.coinbase.com/en/contact-us.html) directly.

    If you have a case number for your support request please respond to this message with that case number.

    You should only trust [verified Coinbase staff](https://help.coinbase.com/en/coinbase/other-topics/other/is-coinbase-present-on-social-media.html). Please report any individual impersonating Coinbase staff to the moderators.

    *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/CoinBase) if you have any questions or concerns.*

Unrelated but so important it goes here. It’s time to fight army

🎲Monopoly Coin – FairLaunch! 🎩 14 Aug 2021 at 16 UTC Developer docking soon. Our mining app will be available soon. Competition for money, apple technology and a sports car has already started! Official copyright license named “monopolist” with hasbro 🎲