Alerts •   Jun 28, 2023

Detecting Phishing Attempts: An Analysis of a Fake Coinbase Email Alert

It looks so legit!

Over the weekend, a new email from an apparent source entered our inbox. The sender purportedly represented Coinbase, a central cryptocurrency exchange platform. The email content indicated a temporary restriction had been placed on the account, urgently asking to verify recent activities.


At first glance, the email seemed natural and perfectly authentic. On clicking through, it prompted for additional details, appearing genuine in its request. However, upon a closer look, a telltale sign of deception emerged. The URL displayed seemed somewhat fishy, and that's when it dawned upon us - we were dealing with a phishing email.


Phishing attempts like these are rampant, exploiting a user's panic or fear to coax out sensitive information. They create a scarcity scenario, setting off alarm bells to provoke an immediate reaction. The sense of urgency, paired with the seeming legitimacy of the email, could easily lead the unsuspecting recipient to compromise their security. This incident is a stark reminder of the importance of vigilance when dealing with such emails.


However tempting it may be to respond to these emails directly, the best course is to visit the official platform now. In this case, you should go to Coinbase's original site and log in from there. Please don't share sensitive information with a source whose authenticity you can't verify. No credible service will request passwords, PINs, or confidential data via email.