New Phishing Scam Targets Coinbase & Gemini Users with Fake Self-Custody Alerts

A new phishing scam is making the rounds, targeting users of Coinbase and Gemini by urging them to transition their assets to self-custody wallets—a tactic designed to trick victims into giving up control of their crypto. Security experts warn that this latest scheme highlights the increasing sophistication of cybercriminals exploiting the push for decentralized finance (DeFi) and personal custody.

How the Scam Works

Victims receive emails or text messages claiming to be from Coinbase or Gemini, warning that they must move their assets to a self-custody wallet due to new regulations, security risks, or platform updates. These messages often include official-looking branding, urgent language, and phishing links that direct users to fraudulent websites.

Once a user clicks the link, they are prompted to enter their login credentials and seed phrases—giving scammers full access to their accounts and funds.

“This scam is particularly dangerous because it preys on users who genuinely believe in self-custody,” said a cybersecurity analyst. “It exploits the trust people have in these exchanges and the broader narrative of ‘not your keys, not your coins.’”

Why Are Coinbase & Gemini Users Being Targeted?

With growing concerns over exchange collapses and regulatory uncertainty, many crypto holders are transitioning to self-custody solutions. Hackers are now weaponizing this trend, knowing that users may be more willing to move funds if they believe it’s a recommended security measure.

Coinbase and Gemini—two of the largest and most reputable crypto exchanges—have millions of users, making them prime targets for phishing campaigns.

How to Protect Yourself from This Scam

To avoid falling victim to phishing attacks, crypto users should follow these best practices:

Verify directly with the exchange – Never trust unsolicited messages. Instead, log into your account through the official website or app.

Check for phishing red flags – Be wary of emails with urgent language, unusual sender addresses, and suspicious links.

Enable two-factor authentication (2FA) – Use authenticator apps instead of SMS-based 2FA for extra security.

Never share your seed phrase – Legitimate exchanges will never ask for your private keys or seed phrases.

Use a password manager – It will not autofill saved credentials on a fraudulent site, which helps you detect fake login pages.
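The red flags listed above can be checked mechanically when triaging a reported message. The Python sketch below is an added example, not code from Coinbase, Gemini or the original article; the official-domain list, the keyword patterns and both sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the exchanges' primary web domains; extend only with domains you have verified.
OFFICIAL_DOMAINS = {"coinbase.com", "gemini.com"}
BRANDS = ("coinbase", "gemini")
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.I)
SEED_RE = re.compile(r"\b(seed phrase|recovery phrase|private key)s?\b", re.I)
URGENT_RE = re.compile(r"\b(urgent|immediately|within \d+ hours?|must (move|transfer|migrate))\b", re.I)

def is_official(host):
    """True only for an official domain or a subdomain of one (exact suffix match)."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

def triage(sender, body):
    """Return the red flags found in one message that uses an exchange's name."""
    flags = []
    sender_domain = sender.rsplit("@", 1)[-1].strip("> ").lower()
    if any(b in (sender + body).lower() for b in BRANDS) and not is_official(sender_domain):
        flags.append(f"sender domain not official: {sender_domain}")
    for url in URL_RE.findall(body):
        # urlsplit().hostname ignores any "user@" part, so brand@host tricks do not pass.
        host = urlsplit(url).hostname or ""
        if not is_official(host):
            lookalike = " (brand name in lookalike host)" if any(b in host for b in BRANDS) else ""
            flags.append(f"link to non-official host: {host}{lookalike}")
    if SEED_RE.search(body):
        flags.append("mentions seed phrase or private key")
    if URGENT_RE.search(body):
        flags.append("urgent language")
    return flags

# Constructed sample messages (not real campaign data); .example is a reserved TLD.
SAMPLE_PHISH = (
    "Coinbase Support <alerts@coinbase.secure-notice.example>",
    "Due to new regulations you must move your assets to a self-custody wallet "
    "within 24 hours. Start here: https://coinbase.com.wallet-migrate.example/setup "
    "and enter your recovery phrase.",
)
SAMPLE_LEGIT = (
    "Coinbase <no-reply@coinbase.com>",
    "Your monthly statement is ready. Sign in at https://www.coinbase.com/ to view it.",
)

if __name__ == "__main__":
    for sender, body in (SAMPLE_PHISH, SAMPLE_LEGIT):
        print(sender, "->", triage(sender, body) or "no red flags")
```

The suffix match in is_official is the same idea a password manager applies before autofilling: a host that merely contains the brand name does not count.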

Coinbase and Gemini have issued warnings about the scam and are working to identify and take down fraudulent websites. Meanwhile, cybersecurity experts predict an increase in crypto-related phishing scams as hackers continue refining their tactics.

The rise of self-custody has empowered crypto users but also created new attack vectors for scammers. Staying vigilant and skeptical of urgent security messages is essential to keeping your funds safe in an increasingly deceptive digital landscape.