Skip to contentSkip to site index
Coinbase Logo
Coinbase logo

SECURITY

Phishing Attacks

Phishing attacks are becoming more and more common, so it's important to know what to watch out for.

PhishingIMage-Main

What is a phishing attack?

Phishing is any fake email, SMS message, or website that impersonates a real person or company in order to steal your personal information. They are designed to look and feel legitimate and can be difficult to spot.

Most common phishing methods

Remember, phishing attacks come in different shapes and sizes. They can be very sophisticated and difficult to spot at first. Emails, SMS messages, and automated voicemails are the most common channels used.

Tips for protecting yourself from phishing attacks

Keep your personal information private

Avoid sharing sensitive information, like usernames, passwords, and credit card numbers with people you don’t know.

Take your time

Be patient and extra vigilant when examining urgest requests from unknown or unsolicited senders.

URLs are your allies

Look at URLs and make sure there are no common typos in the web address. Attackers will often use domain names that are nearly identical to the one they are impersonating. I.e. coinbase.com vs. colnbase.com

Hover, don’t click

Avoid clicking links in emails before checking, especially if the email is unsolicited or is “urgent.” Hover over the link first and if the alt text doesn’t match the display text, don’t click on it.

Look for bad grammar and misspellings

Misspelled words and bad grammar are signs that something is wrong. Be thorough and pay attention to these small, but important, details.

Too good to be true?

Any promise of extravagant rewards or monetary compensation should be treated with the utmost suspicion. Avoid clicking or downloading anything from messages that claim to offer you unrealistic rewards.

Phishing-Sub.png

Still unsure? Investigate if there’s any doubt

If you feel like something is wrong, gather more information before acting:

  • Call or message the person you think is being impersonated

  • Go to the company’s website to further investigate

  • Don’t be afraid to reach out to customer support to verify if a particular message you received is legitimate

What to do if you think you’ve been phished

Reset all of your passwords.

Immediately reset all of your passwords.

Reset your password
Contact Coinbase Support

You should enter in contact with our Coinbase support as soon as possible.

Contact support
Alert the community

If you think you’ve received a phishing email from someone impersonating Coinbase, forward the email to security@coinbase.com — we will take action to stop the campaign.

Report phishing

Security 101 - Phishing Scams Videos

Crypto Security 101- Phishing Scams

Phishing Scams

Learn how to keep your account secure from Trust and Safety experts at Coinbase. Get info on best practices when it comes to phishing scams, how to avoid them, and what to do if you accidentally click on the bait.

Crypto Security 101- Tech Support Scams .jpeg

Tech Support Scams

Learn how to keep your account secure from Trust and Safety experts at Coinbase. Tech support scams are a sneaky way attackers can gain control of your crypto. Get info on best practices and learn how to detect them and what to look out for.

Crypto Security 101- Trust Trading Scams

Trust Trading Scams

Learn how to keep your account secure from Trust and Safety experts at Coinbase. Watch this video to get info on best practices when it comes encountering trust trading scams and how to identify them.

Crypto Security 101- Sim Swapping Scams

Sim Swapping Scams

Learn how to keep your account secure from Trust and Safety experts at Coinbase. Compromising the sim card inside your phone is a popular strategy for attackers to get a hold of your crypto. Get info on best practices when it comes to sim swapping scams and learn how to avoid them.

Security PSA Blog Posts

Coinbase Logo

Security PSA: Search engine phishing

Search engine phishing exploits the trust we have in search engines and the convenience of searching for something rather than remembering the domain. The following piece outlines what search engine phishing attacks may look like and how Coinbase users can avoid them.

Coinbase Logo

Security PSA: Airdrop Phishing Campaign

Learn more about Airdrop Phishing Campaign that works by airdropping fictitious coins into victim wallets and enticing them to visit specially-crafted malicious websites

Coinbase Security Prompt

Coinbase Security Prompt — a safer and easier way of signing into Coinbase

Coinbase Security Prompt: a faster and safer way for our users to verify their identity & activities when interacting with the Coinbase ecosystem.