An alleged scammer posing as a Coinbase assist desk employee has reportedly stolen round $2 million in crypto from customers of the trade, in line with blockchain sleuth ZachXBT.
In a Monday X publish, ZachXBT claimed that he had managed to pinpoint the id of the alleged scammer after cross referencing Telegram group chat display screen photographs, social media posts and pockets transactions.
ZachXBT alleged that the “Canadian risk actor” had “stolen $2M+ through Coinbase assist impersonation social engineering scams previously 12 months blowing the funds on uncommon social media usernames, bottle service, & playing,”
The Canadian allegedly deployed social engineering techniques to dupe Coinbase customers into believing he labored for the trade. In his publish, ZachXBT shared a leaked video of the alleged scammer on the cellphone with the sufferer providing pretend buyer assist.
Whereas the specifics weren’t detailed, social engineering usually consists of scammers posing as somebody from a professional organisation to achieve belief and elicit non-public information from unsuspecting victims, or to make doubtful transactions.
“Within the display screen recording he leaks the e-mail…. and his Telegram account with a quantity,” ZachXBT wrote.
The alleged scammer tried to cover their tracks by frequently shopping for “costly Telegram usernames” and deleting previous accounts. Nevertheless, ZachXBT claimed it was simple to pinpoint their id and actions resulting from fixed gloating on social media, and posted screenshots of quite a few examples of “tales and selfies flaunting his life-style with little regard for opsec and was additionally caught simping for eGirls.”
ZachXBT even claimed to labored out the alleged scammer’s dwelling handle utilizing publicly accessible data, however didn’t share them resulting from X’s phrases of service.
How can customers shield themselves towards social engineering?
Whereas seasoned crypto veterans know the very best practices to guard themselves after years of trial and error, newcomers typically want a heads-up.
Associated: Social engineering value crypto billions in 2025: Methods to shield your self
It’s essential for customers to be very vigilant about safe-keeping their non-public information, don’t use the identical password for a number of companies and maintain vital holdings off an trade in a {hardware} pockets.
As a rule of thumb, it is essential to by no means click on on hyperlinks despatched to you or reply to chilly calls. All the time contact buyer assist straight by way of verified avenues equivalent to on the precise web site or app.
Moreover, assist desk staff won’t ever ask for seed phrases or login credentials, share non-public wallets to ship funds to, or re-direct conversations over to social media apps like Telegram.
Journal: Meet the onchain crypto detectives preventing crime higher than the cops