Coinbase Phishing Email

 The Coinbase phishing email is a prevalent scam right now. There are a few variations, some targeting your personal information, as in the image featured above, whereas others target your site credentials. Either way, falling for one of these scams can be costly.  Here is how to spot a Coinbase phishing attempt and move forward if you have already been duped.

Spotting a Coinbase Phishing Email

Check the email address

 The first place to check is, of course, the email.  Make sure that the domain is correct.  The domain is the part of the email that comes after the '@' symbol.  For example, the domain for [email protected] would be copio.org.  The domain should match the website it claims to represent, in this case, coinbase.com.  Below are two images with emails claiming to be from Coinbase.  Can you spot the real one?

Check the subject

 The next place to check is the subject of the email.  Does it contain strange characters, random spaces, or substitutions?  An example of this might be "C0NFIRMATI0N".  In this case, the scammers have replaced the letter 'o' with a zero.  This helps them avoid detection by spam filters.  Another hint can be all caps being used, strange fonts, or typos.  

Check the content

 In a perfect world, you would never have to check the content of a malicious email, you should be able to detect it from the subject and address alone.  If you do open a malicious email though, check for urgency.  Did you suddenly get your account locked and have a day to confirm your bank details?  Did you win a prize and have mere hours to log in and collect? Scammers use tactics like these to make you rush, leaving your better judgment by the wayside. You should also check to make sure it looks right. Does the formatting look right?  Is the grammar correct?  Scammers often make mistakes, but attention to detail will keep you safe.

It's a phish!

 If you have found a phishing email, you should forward it to [email protected] and mark it as spam.  We will take care of everything for you.  

What to do if you fell for a Coinbase phishing email

Change your credentials

 The very first thing you should do is change your password.  You should also contact their support team and notify them of the breach.  If you used your password on other sites, you must change those passwords as well.  I highly recommend you use a password manager such as Bitwarden to generate and store your passwords securely.

Change your documents

 If you suffer from a breach of your personal information, you should reach out to your local police non-emergency line for guidance.  Identity theft can be extremely damaging, scammers have been known to take out mortgages on homes and open bank accounts for money laundering with their victim's information.  

Read out for help

 You should reach out for expert help.  An excellent resource is scamhelp.info, a site dedicated to helping victims of all sorts of scams.  After clicking through one of the pages, you will be able to contact them directly and receive support from trained professionals.