Cryptocurrency scams continue to evolve, and one of the latest examples involves a scammer impersonating a fraud prevention agent from Coinbase. The victim reported a significant loss of 0.40550574 BTC (approximately $25,682.00 USD) after falling for a phishing scheme. The funds were transferred to a wallet address linked to the scam: bc1qtufty5h5xg2ta49s565jqf8904y2c44rq7hnrk.

How the Scam Unfolded

The victim received a phone call from an individual claiming to be Jack White, a fraud prevention officer from Coinbase. The scammer had already gathered some personal information and used it to convince the victim that their Coinbase account was under threat. According to the victim, they had been receiving emails from Microsoft alerting them about multiple failed attempts to change the passwords of both their Gmail and Hotmail accounts.

The scammer claimed that because of these unauthorized attempts, the victim’s Bitcoin was at risk and needed to be moved from Coinbase to a more secure Coinbase Wallet. Initially hesitant, the victim was convinced by the scammer’s knowledge of their personal details, as well as the convincing back-and-forth conversation via an online chat platform that appeared to be legitimate.

The Fake Transfer: How the Funds Were Stolen

Once the victim was convinced that their Bitcoin was in jeopardy, they agreed to transfer their funds to the Coinbase Wallet for “security reasons.” However, once the transaction was confirmed, the victim was unable to access the funds and noticed that the money was transferred out to the wallet address bc1qtufty5h5xg2ta49s565jqf8904y2c44rq7hnrk without any approval from their side.

The victim further mentioned that the transaction was processed through BlockCypher.com, which facilitated the movement of the stolen funds. Despite reporting the issue immediately to Coinbase support, the support team claimed that the funds were still being verified. At the time of reporting, the victim could still see the funds in their Coinbase wallet but was unable to stop the transfer. Despite escalating the issue through Coinbase support and Action Fraud, the funds remained stolen, and the case was eventually closed on September 24, 2024, by Coinbase.

Investigation Results: One Trace Found at Binance

Our investigation revealed that the stolen funds from the wallet address bc1qtufty5h5xg2ta49s565jqf8904y2c44rq7hnrk were cashed out at Binance, a major cryptocurrency exchange. While this trace doesn’t guarantee the recovery of the funds, it highlights how scammers are laundering stolen crypto through legitimate platforms. Binance and other exchanges are encouraged to improve their anti-money laundering (AML) protocols to prevent such transactions.

Victim’s Report and Action

• Loss: 0.40550574 BTC (~$25,682.00 USD)
• Fraudulent Wallet Address: bc1qtufty5h5xg2ta49s565jqf8904y2c44rq7hnrk
• Facilitating Service: BlockCypher.com

The victim also reported the incident to Action Fraud and Coinbase, but unfortunately, the case was closed on September 24, 2024 without any resolution or recovery of funds.

Red Flags and Warning Signs

1. Impersonation of Support Agents: Scammers often pose as customer support agents or fraud prevention officers to gain trust.
2. Unsolicited Calls and Emails: If you receive a call or email out of the blue claiming that your account has been compromised, it’s crucial to verify the information independently.
3. Pressure to Transfer Funds Quickly: Fraudsters may rush victims into making hasty decisions about transferring funds.
4. No Approval for Transactions: Legitimate crypto transfers require user approval at every step. If you notice unauthorized transactions, it’s a major red flag.
5. Fake Online Chats: Scammers use convincing fake chat platforms to mimic official customer support channels, further building trust with victims.

Conclusion

This scam demonstrates how fraudsters manipulate personal information and impersonate legitimate support channels to steal cryptocurrency. In this case, the victim lost over $25,000 USD due to the fraudulent use of a Coinbase Wallet. The mention of BlockCypher.com in facilitating the transaction emphasizes the need for additional scrutiny over third-party services used for cryptocurrency transfers. Always exercise caution when dealing with unsolicited communications, and ensure that your cryptocurrency transactions are fully verified before approval.