Crypto phishing scammers are apparently earning a five-figure weekly income by impersonating Coinbase support and have been using leaked data to target high-ranking crypto executives and software engineers.
CEO and co-founder of Bitcoin self-custody solutions provider Casa, Nick Neuman, said he was recently on a call with a Coinbase support scammer and ended up finding out more than he expected after he “decided to turn the tables on him and ask him about being a scammer.”
“We make a minimum of five figures a week; we hit $35K two days ago; we do it for a reason; there is money to be made in it,” responded the scammer when asked how much they made.
Neuman posted the conversation in a video on X on Nov. 20 in which the scammer orchestrated the attack by stating that a password change request had been canceled and a notification had been sent. The “notification” contained a malicious link, which prompted Neuman to ask the scammer what types of people fell for the phishing attacks.
Recently I was called by someone pretending to be Coinbase support, trying to steal bitcoin.
I decided to turn the tables on him and ask him about being a scammer.
Things got wild - he completely changed his personality & told me everything.
Presenting: To Catch a Scammer 🕵️♂️ pic.twitter.com/OZ6TQAiq5s
— Nick Neuman (@Nneuman) November 20, 2024
“You would be surprised, its people like you, you’re a CEO at Casa [...] we’re hitting CEOs, CFOs, software engineers,” he said before adding:
“We don’t call poor people, the data we have is from a database where the minimum you have to have is $50,000,”
The scammer added that “money or education isn’t a determining factor,” claiming that they get details of their high-roller targets from Bitcoin financial services company Unchained Capital.
“We have the Unchained database and we assume that if you’re into crypto you’ll have a Coinbase account, so that’s how we run it.”
The scammer also revealed they use an “auto-doxxer” to get more details on their targets before making the phishing calls and can spoof emails to make them appear as if they originated from Coinbase.
The end goal isn’t to get the victim’s password but to eventually have them send funds to a wallet controlled by them, said the scammer.
He said they have used Tornado Cash to launder the stolen crypto since they’re not based in the United States and sometimes exchange it for privacy coin Monero (XMR).
“After you hold it in XMR for a couple of days, that bitch is gone, you’re not seeing the funds again.”
When asked about converting to fiat, he said they do not use any KYC exchanges and use hardware wallets, naming Ledger — which has been at the epicenter of phishing attacks since its database was hacked in 2020 — before using middlemen to cash out.
The scammer said that accessing company databases was easy and crypto was like the “Wild Wild West.” “If you lose $30-$40,000 in ETH or BTC, who are you going to call? The crypto police?” he said, adding he’s now trying to hit $100,000 per month from the scam.
More than $127 million was stolen in Q3, 2024 due to crypto phishing attacks, according to Web3 security firm Scam Sniffer.
Magazine: Crypto has 4 years to grow so big ‘no one can shut it down’: Kain Warwick, Infinex