Coinbase Logo
Coinbase logo

SECURITY

Phishing Attacks

Phishing attacks are becoming more and more common, so it's important to know what to watch out for.

PhishingIMage-Main

What is a phishing attack?

Phishing is any fake email, SMS message, or website that impersonates a real person or company in order to steal your personal information. They are designed to look and feel legitimate and can be difficult to spot.

Most common phishing methods

Remember, phishing attacks come in different shapes and sizes. They can be very sophisticated and difficult to spot at first. Emails, SMS messages, and automated voicemails are the most common channels used.

Tips for protecting yourself from phishing attacks

passwordWalletLocked
Keep your personal information private

Avoid sharing sensitive information, like usernames, passwords, and credit card numbers with people you don’t know.

clock
Take your time

Be patient and extra vigilant when examining urgest requests from unknown or unsolicited senders.

browser
URLs are your allies

Look at URLs and make sure there are no common typos in the web address. Attackers will often use domain names that are nearly identical to the one they are impersonating. I.e. coinbase.com vs. colnbase.com

laptop
Hover, don’t click

Avoid clicking links in emails before checking, especially if the email is unsolicited or is “urgent.” Hover over the link first and if the alt text doesn’t match the display text, don’t click on it.

explore
Look for bad grammar and misspellings

Misspelled words and bad grammar are signs that something is wrong. Be thorough and pay attention to these small, but important, details.

congratulations
Too good to be true?

Any promise of extravagant rewards or monetary compensation should be treated with the utmost suspicion. Avoid clicking or downloading anything from messages that claim to offer you unrealistic rewards.

Phishing-Sub.png

Still unsure? Investigate if there’s any doubt

If you feel like something is wrong, gather more information before acting:

  • Call or message the person you think is being impersonated

  • Go to the company’s website to further investigate

  • Don’t be afraid to reach out to customer support to verify if a particular message you received is legitimate

What to do if you think you’ve been phished

passwordWalletLocked
Reset all of your passwords.

Immediately reset all of your passwords.

agent
Contact Coinbase Support

You should enter in contact with our Coinbase support as soon as possible.

alerts
Alert the community

If you think you’ve received a phishing email from someone impersonating Coinbase, forward the email to security@coinbase.com — we’re happy to take a look and to let you know if it’s real or not.