Many reports are surfacing of fraudulent emails that trick users into creating new wallets
Scammers are ramping up efforts to deceive cryptocurrency users by impersonating major exchanges like Coinbase and Gemini. Reports of fraudulent emails have surfaced, tricking users into setting up wallets with pre-generated recovery phrases that allow attackers to take full control of their funds.
Is anyone else getting the fake @coinbase emails and texts? They’re getting increasingly sophisticated.
One is a fake verification text to get you to call a fake support number and the other is an email getting you to set up a real wallet they can drain.
Stay safe out there.
— Steve 🤙 (@SteveKBark) March 14, 2025
One of the most common tactics involves an email falsely claiming to be from Coinbase. The message urges users to switch to a self-custodial wallet, citing a court order requiring all assets to be moved. A deadline is given, increasing pressure to act quickly. The scam includes instructions on how to download the legitimate Coinbase Wallet app, making the scheme appear more credible.
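However, the provided recovery phrases are already in the hands of the scammers, and anyone who holds a wallet's recovery phrase can restore that wallet and move whatever it contains. If a user follows the instructions and transfers their assets, the funds become immediately accessible to the attackers.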
A similar scam is targeting Gemini users with nearly identical messaging. It falsely claims that a recent court ruling requires users to transition to a new wallet. Like the Coinbase scam, it provides fraudulent recovery phrases designed to steal funds. These schemes exploit users’ trust in official communications and take advantage of the uncertainty surrounding legal cases involving crypto exchanges.
Coinbase has publicly addressed the scam, reminding users that it never provides or asks for recovery phrases. Gemini has yet to release an official response. Security experts warn that phishing attacks remain one of the biggest threats in the crypto space, with losses from such schemes surpassing $1 billion in 2024 alone.
As these attacks become more sophisticated, users are urged to verify any unexpected emails, never use pre-generated recovery phrases, and rely only on official websites and apps to manage their assets. Awareness and caution are key to avoiding financial losses in an increasingly risky digital landscape.
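Because a legitimate exchange never sends a recovery phrase, an inbound message that contains one can be quarantined on that signal alone. The following mail-triage heuristic is an added example, not code from Coinbase, Gemini or any mail product; the function names, the lure keyword list, the assumed 12-to-24-word phrase layout and both sample messages are constructed for illustration.

```python
import re

# Assumption: the phrase uses the common 12-to-24-word mnemonic layout,
# in which every word is 3 to 8 lowercase letters.
WORD = re.compile(r"[a-z]{3,8}")
NUMBERING = re.compile(r"\d{1,2}[.):]?")  # list markers such as "1." or "2)"
MIN_WORDS = 12
# Lure wording taken from the emails described in the article.
LURES = ("court order", "court ruling", "deadline", "self-custodial",
         "recovery phrase")

def find_seed_phrases(body):
    """Return every run of >= MIN_WORDS consecutive mnemonic-shaped words."""
    runs, current = [], []
    for token in body.split():
        if NUMBERING.fullmatch(token):
            continue  # numbering between words does not break a run
        if WORD.fullmatch(token):
            current.append(token)
            continue
        # Capitals, punctuation or very short words end the current run.
        if len(current) >= MIN_WORDS:
            runs.append(current)
        current = []
    if len(current) >= MIN_WORDS:
        runs.append(current)
    return runs

def triage(body):
    """Quarantine on an embedded phrase; lure keywords are context only."""
    phrases = find_seed_phrases(body)
    lures = [k for k in LURES if k in body.lower()]
    return {"seed_phrase_count": len(phrases), "lures": lures,
            "quarantine": bool(phrases)}

# Constructed sample messages; the 12 words are placeholders, not a wallet.
PHISH = """Due to a court order, all assets must be moved to a self-custodial
wallet before the deadline. Download Coinbase Wallet and import this recovery phrase:
1. amber 2. brick 3. canoe 4. delta 5. ember 6. flint
7. grove 8. harbor 9. ivory 10. jungle 11. kettle 12. lemon
"""
BENIGN = """Your monthly statement is ready. Sign in at the official site.
We will never send you a recovery phrase or ask you for one."""

if __name__ == "__main__":
    for name, msg in (("phish", PHISH), ("benign", BENIGN)):
        print(name, triage(msg))
```

The benign sample mentions "recovery phrase" but is not quarantined, which is why the verdict keys on the embedded word run rather than on keywords.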