A fraudster using Coinbase claims weekly profits of five figures by exploiting high-profile executives in the crypto sector.
“We’re hitting CEOs, CFOs, software engineers,” a brazen scammer told Casa CEO Nick Neuman: “We don’t call poor people.”
Crypto phishing schemes involving fake Coinbase support and leaked data reportedly bring in weekly earnings of tens of thousands for fraudsters targeting top executives and engineers.
After receiving a call from someone pretending to be “Coinbase support,” Nick Neuman, the CEO and co-founder of Bitcoin self-custody firm Casa, decided to flip the script and probe into the scammer’s operations.
“We make a minimum of five figures a week. We hit $35K two days ago; we do it for a reason, there is money to be made in it,” responded the scammer when asked how much they made.
Neuman’s Nov. 20 video on X exposed the scammer’s approach, which hinged on claiming that a password change request had been canceled and a notification sent out.
The malicious link within the “notification” spurred Neuman to question the scammer about the profiles of those who fall victim to these phishing attacks.
“You would be surprised, its people like you, you’re a CEO at Casa […] we’re hitting CEOs, CFOs, software engineers,” he said before adding:
“We don’t call poor people; the data we have is from a database where the minimum you have to have is $50,000,”
Arguing that “money or education isn’t a determinant,” the scammer disclosed that they use Unchained Capital, a Bitcoin financial services firm, to identify wealthy targets.
“We have the Unchained database, and we assume that if you’re into crypto, you’ll have a Coinbase account, so that’s how we run it.”
The scammer claimed they rely on an “auto-doxxer” to dig up additional details on their targets and have the ability to falsify emails to resemble those sent by Coinbase.
The scammer clarified that they don’t aim to capture the victim’s password but instead get them to send funds to a wallet they own.
Read also: Crypto scammers shift tactics, now exploiting with “Pig Butchering” Schemes
Since they are not U.S.-based, the scammers use Tornado Cash to launder stolen funds and occasionally trade the proceeds for Monero, a privacy coin.
“After you hold it in XMR for a couple of days, that bitch is gone; you’re not seeing the funds again.”
In response to inquiries about fiat conversion, he revealed that they don’t rely on KYC exchanges to convert crypto to fiat, instead using hardware wallets, particularly Ledger—associated with phishing attacks since a 2020 database breach—and intermediaries for withdrawals.
In the scammer’s view, accessing company databases poses no challenge, and they compare the crypto industry to the “Wild Wild West.”
The scammer asks, “If you lose $30,000 to $40,000 in Bitcoin or Ethereum, who are you going to call? The crypto police?” and shares that their current target is $100,000 a month in scam profits.
Scam Sniffer, a Web3 security firm, discloses that crypto phishing schemes stole upwards of $127 million in the third quarter.
