Edge & Node co-founder Tegan Kline shared a post on the X platform on July 7 describing how a “close friend” of hers was defrauded from them. After his friend was tricked by a scammer into sharing part of his wallet password, $1.7 million worth of cryptocurrency was stolen from his wallet under his control in one day.

The victim said the scammers called him from Coinbase’s security team and the email sent by the scammer appeared to be from Coinbase. The email confirmed that the victim “conversed with an official representative at Coinbase.”

The scammer claimed that the victim’s wallet was “connected directly to the blockchain” and therefore transactions were leaving the wallet. He then sent another email that appeared to be from Coinbase, showing an outgoing transaction. The scammer redirected the victim to a website where they had to enter the passphrase to stop the transactions. The victim entered part of the passphrase but did not send it, even though he knew it was “not secure.”

The victim claimed that $1.7 million worth of cryptocurrency was withdrawn from his wallet hours later.

Alex Miller, CEO of Hiro Systems, stated that such websites “record information even as you enter it” and that even the victim revealing part of the password phrase is enough for “the bad guys to extort the rest.”

Miller said he recently received a call from a scammer who pretended to be from Coinbase using a similar scam method. Miller thinks his information may have been leaked from CoinTracker’s email service provider’s database in 2022.

“Specifically, they were using the Coinbase API key that connects to CoinTracker to authenticate with me (in addition to other information),” he said. “If you use CoinTracker, at least change your API keys,” he advised.

On July 3, X user “TraderPaul04” shared what he called a “highly sophisticated” attempt at social engineering in which a fake Coinbase representative called him. The fake representative called from a different city, claiming that an attempt was made to log into their account.

TraderPaul said that after verifying the full name and email of “an American male posing as a Coinbase employee,” they temporarily locked his Coinbase account and attempted to obtain his account password by sending a fake password reset link. TraderPaul was not convinced and insisted on calling Coinbase customer service directly. The scammer hung up the phone when he couldn’t convince her.

On July 7, user

In the first half of 2024, approximately $1.19 billion in cryptocurrency was lost to security incidents. More than 900 million of this amount was stolen through phishing and password stealing attacks.