The fraudsters on the other end of the line made every effort to appear genuine, quizzing Canfield on his location and even sending a further text message confirming the changes had been cancelled. At this stage, they redirected him to a so-called “security” team to verify his account, threatening him with a 48-hour account suspension if he didn’t comply with their requests.
At this stage, the phishers sent Canfield an email appearing to come from the legitimate help@coinbase.com address. It contained a verification code they wanted him to relay back to them. He refused, which effectively threw the scammers off their game, and the call was terminated abruptly.
Further investigation revealed that the email was actually sent via Amazon’s email provider, but the waters muddy thereafter. Either the email and code were real, in which case the hackers were on a live chat or a call with the real Coinbase support; in this scenario, they could have instigated a password reset or accessed his account had he provided the code.
Alternatively, the email was spoofed and the code was fake. What was going to happen next remains a mystery, though presumably the scammers had another nefarious trick up their sleeve. Fortunately, the trader’s vigilance paid dividends and he suffered no losses from the attack, but what remains worrying is that they had access to large amounts of his personal information, including his phone number and email address.
Data Leak Debate and How to Protect Yourself