Coinbase Logo

Security PSA: employment scams

Tl;dr: At Coinbase, we aim to be the most trusted and secure place to interact with the cryptoeconomy in support of our mission to increase economic freedom. Trust is not an abstract notion, but a function of the real things we do to protect our users–and the broader crypto community from harm. We want to help individuals identify the misuse of our brand and reputation by bad actors across the ecosystem. In this piece, we highlight the ways individuals can protect themselves against employment scams. Understanding how the chain of events happens in this type of scam will help individuals to identify red flags and report it accordingly. 

By Lilian Lima, Coinbase Global Investigations

Engineering

, January 18, 2023

Coinbase

Scammers are always looking for more sophisticated ways to steal Personal Identifiable Information (PII) from users. A common scam tactic is an Employment Scam. People tend to be more accessible and susceptible to falling victim to scams when looking for new opportunities professionally. Scammers impersonate recruiters and take advantage of professionals to steal personal information and, sometimes, their money. 

An employment scam typically follows this sequence of events:

  • Scammers impersonating recruiters will post attractive positions on an employment website, and most frequently, will reach out to individuals who have posted their resumes online.

  • Victims will fill out a fraudulent job application, which may ask for more information than a typical application. Sometimes, scammers will request users to create an account to collect potential duplicate credentials.

  • Initially, they will contact individuals in a polite and professional manner and conduct online interviews through email or video calls, gathering personal information.

  • Soon after the interviews, scammers will offer job positions and hand over documents requesting more personal information and bank account details. Occasionally, they will ask for payment to begin training or for home office equipment with the guarantee that any expenses will be reimbursed after the work is started.

scam-email-1

*Example of Employment Scam email 1

How this may impact Coinbase customers

Scammers will sometimes attempt to impersonate companies, like Coinbase, in order to gain access to users’ accounts and steal cryptocurrency. Coinbase is actively working to track bad actors who impersonate Coinbase employees and disrupt this threat to our customers.

How users can protect themselves against these scams:

If it sounds too good to be true, it probably is.

Be suspicious if: 

  • you never applied for the position 

  • you are offered higher payment than normal for the role 

  • the recruiter uses a generic email address (e.g. @outlook.com) rather than a corporate email address that matches the hiring company (e.g. @coinbase.com)

  • you are contacted by a Coinbase recruiter using generic email domains (This may be a scammer impersonating a Coinbase recruiter.)

  • interviews are conducted through personal web chats (e.g. WhatsApp)

  • payments are requested, especially during or after the recruitment process

When applying to Coinbase check the following:

  • All legitimate Coinbase job postings are posted on https://www.coinbase.com/careers. Always verify job postings on employment websites by checking our official site.

  • Emails from Coinbase will only come from @coinbase.com email addresses. You can learn more about this here.

  • Coinbase will never request payments during the interview process or after.

scam-email-2

*Example of Employment Scam email 2

If you were contacted by a job scam impersonating employees at Coinbase, immediately cease communicating with the scammers and report this fraud to all relevant authorities in your jurisdiction, as well as the job posting site.

Also, please report any impersonations or fake job recruitment scams to security@coinbase.com. In the report, include a full copy of the email chain with the scammer and the associated scammer email headers. The message headers may allow us to analyze the mail servers used by the attacker and report this abuse to the mail provider directly. 

We’re proud to lead the way in providing the best protections available to all of our 108+ million users. Protecting our customers is our number one priority. This includes keeping your account and digital assets secure. By identifying and reporting scams that target our brand, you can help us keep the crypto community safe.

Coinbase logo
Lilian Lima

About Lilian Lima

Trust and Safety Specialist