More than $45 million was stolen from Coinbase users last week alone, as cybercriminals ramp up coordinated social engineering attacks, according to blockchain investigator ZachXBT. This alarming figure highlights a growing threat in the crypto space, where attackers are targeting individuals by manipulating trust and exploiting human psychology.

Image Source: ZachXBT

How Did the Scams Happen?

Unlike technical hacks, these scams relied on social engineering tactics that trick victims into giving up sensitive information such as passwords or wallet access. Attackers posed as trusted contacts or support staff, using convincing messages, emails, and even AI-generated voice calls to deceive users. In some cases, scammers convinced victims to approve fraudulent transactions or share private keys, giving criminals direct access to their funds.

Who Was Targeted?

The victims were primarily individual Coinbase users, with reports suggesting that even experienced investors were caught off guard. One particularly devastating incident involved an elderly U.S. citizen who lost a massive amount of Bitcoin after being manipulated by a fake call center operation. The criminals behind these schemes are believed to operate internationally, with some suspects erasing their online footprints after the thefts.

Why Are Social Engineering Attacks Rising?

Experts point to the increasing sophistication of these scams. Attackers now use advanced AI tools to mimic voices and craft personalized messages, making it harder for users to spot fakes. The crypto industry’s rapid growth and the irreversible nature of blockchain transactions make it an attractive target for cybercriminals.

Industry and Law Enforcement Response

So far, there has been little public acknowledgement from U.S. law enforcement, but the scale of the theft is likely to prompt federal attention. Exchanges like Binance have managed to freeze a small portion of the stolen funds, about $7 million, but most assets remain unrecovered. Blockchain sleuths, including ZachXBT, continue to track the movement of stolen coins and urge platforms to flag suspicious accounts.

What Can Users Do?

With losses from crypto phishing and social engineering scams reaching $364 million in April 2025 alone, experts stress the importance of user education and security. Key recommendations include:

1. Never share private keys or passwords, even with supposed support staff.

2. Always verify the identity of anyone requesting access to your accounts.

3. Enable two-factor authentication (2FA) on all crypto platforms.

4. Be wary of unsolicited messages, emails, or calls regarding your assets.

5. Report suspicious activity to exchanges and authorities immediately.

The recent $45 million theft from Coinbase users is a stark reminder that in the world of crypto, the weakest link is often human trust. As scammers grow more cunning, staying vigilant and informed is the best defence against becoming the next victim.