As you all know, I’ve talked a lot about scams and the many kinds of phishing scams that into my email’s inbox. I’ve talked about what to look for, what not to do in these scams, and how to not let your emotions get the best of you. Even when going through all of these things, there are still some scams that I come across that still can cause me to panic and in this case, it is a Coinbase scam. The previous phishing scam I received didn’t cause a lot of worry for me and you can read about that by clicking here.
I will go over why this particular scam caused me to panic and how I eventually calmed myself down and allowed me to look over everything very thoroughly and realize that it was ultimately a scam. I understand that there are things that should be common sense, but let’s just say that I’ve had a security issue with my account with the real Coinbase company last year and receiving an email like this just adds to the difficulties that still continue to this day, hence why this scam nearly got me. I’ll also talk about the one red flag that ALWAYS lets me know that an email is a scam.
Coinbase Email: Legitimate or Scam?
When I recently received this email from Coinbase, or who I thought was Coinbase, I thought it was legitimate because after all, it said it was from Coinbase Support and it had a case number in the subject line of the email which also made me think that it was legitimate because I had problems with my account in the past with Coinbase.
The subject line also said something about 2 factor code for changing a phone number. Now it kind of made me think, was this in reference to the other cases I had sent Coinbase in the past? I was trying to make my Coinbase account more secure and so I thought this really could be from them.
I got to thinking though, it said 2 factor code regarding changing of phone number. The thing is though, I never did change my phone number so then this got me worried that someone was trying to port out my phone number. I’ve never changed my phone number the entire time I’ve had a cell phone for the last 16 years so I definitely had reason to worry that my phone number may have been attempted to be ported out except I didn’t experience any issue with my phone or suddenly losing service.
It was then that I decided to fully click open the email to read what it’s all about. It was after doing that and reading it that I realized it was a scam and I’ll go over fully the things that gave it away that this wasn’t a legitimate email from Coinbase. These things are important and will cause you to breathe a sigh of relief once you realize it isn’t from a legitimate company you may actually be involved with.
The Red Flags of this Phishing Scam
There are definitely red flags that will alert you to an email being a scam and one of them is how the email addresses you. I’ve said this before, but if you truly have an account or dealings with a specific brand or company, they’re going to always address you by your name, be it either your first name or your full name.
Does this email address me by name? No it doesn’t! In fact, it really doesn’t address me as anything at all which is a bit unusual for this type of scam. Usually they’ll say something like “Dear Customer”, but this email doesn’t even have that. All it says is “Hi”. If that’s not a red flag, I don’t know what is. All the emails and replies I’ve actually received from Coinbase have always addressed me by my name.
There are also other things in this email that just seem odd to me. There’s a supposed verification code that I never requested, and it said that they need additional information in order to resolve this. What additional information? I never requested this. What’s also odd is that they have a phone number listed that I can tell you has absolutely nothing to do with Coinbase. First and foremost, Coinbase, doesn’t have a true customer service number (which is very odd for a business of its size). I do know that the only number they have (and this could be different now) is an automated line to call if you believe your account with Coinbase has been hacked.
I know that if I call that number that they have listed in that email, I’ll end up talking to scammers and more than likely they’ll try to get sensitive information from me. You never want to call a phone number or click a link in an email that you suspect may be fraudulent. If there is a link in the email and you click it, you’ll more than likely be taken to a site that will resemble whatever company the email says it’s from, but it really isn’t them and if you try to log in using your real credentials, the scammers will now have that information and will use it against you.
Other things to look for here are spelling and grammatical errors. There aren’t a whole lot in this email, just a few weird capitalizations here and there, but the scammers overall seem to be pretty good at avoiding major spelling mistakes. Some of the other phishing emails that I’ve received in the past have had some horrible spelling errors.
Now here is the biggest red flag of them all and one that has never failed me and one that is unlikely to in the future. You always want to check the email address that it came from. I’ve said this many times before because even though an email will look legitimate, the email address will always give it away. A legitimate company’s email address will always look like this: @coinbase.com and the address will generally be fairly short. This is what the email address looked like where the email came from: email@example.com.
The funny thing with this email address is the scammer tried to make it look like it was legitimate by putting the name of the company into the email address, but a legitimate company will never use a third party email address provider such as gmail.com in this case. Not sure why there’s the word dark and some random series of numbers after the name of Coinbase. If all other red flags don’t seem to pop up, the email address that it came from will never fail you.
Messing With Your Emotions
I know that I’ve mentioned this, but it’s very important. These type of scam emails are designed to mess with your emotions. They want you to panic so that you don’t think logically and will fall for their trap. A lot of emails similar to this will claim they are from a number of different companies such as Microsoft, Amazon, Netflix, Apple, PayPal, Wal Mart, Publisher’s Clearing House and more.
A common Amazon scam, for example, will say that an order was placed for a fairly expensive item such as a television or smartphone, for example, and they’ll say that if you didn’t place this order or want to cancel it, to either call a number they’ve listed inside the email or clink a link that they’ve provided. Doing either one of those things will lead you directly to scammers. If you call a number, whoever answers will claim they are from Amazon but are really scammers. They may try to say things such as needing your credit or debit card number or even bank account information in order to give you a refund, but what will happen instead is that they will drain your bank account or put a number of charges on a credit card.
Now if there’s a link in the email and you decide to click it, you may be taken to a website that will look very similar to Amazon’s site (or whatever company they are trying to mimic), and usually, the goal of these spoofing websites is to capture your log in information and capture any other important or sensitive information that will make you vulnerable. If you type in your actual log in credentials to Amazon, the scammers will now have that information and will use it to access your real Amazon account and start to do real damage that could hurt you financially.
The type of scams I mentioned above are designed to get you worried about a purchase or charge that happened and was unauthorized. Now believe it or not, there are scam emails designed to get you to think of the exact opposite and this is where scams that claim to be from a legitimate company such as Publisher’s Clearing House, comes in.
They will make you think that you’ve won quite a bit of money, possibly into the millions and that in order to get that money, there are a few things that they’ll want you to do first. Just like some of the other phishing emails that I’ve talked about, the email will either have a phone number listed to call or a link to a website. If you fall for any one of these, you’ll more than likely be contacted by scammers who will say that in order to receive your money prize, you will have to pay a certain amount for “taxes” of your winnings. They may try to get you to get gift cards, cashier checks from your bank, or even a wire transfer.
Do not fall for any of that because if you truly won a prize from Publisher’s Clearing House, state lottery, or any other sweepstakes, they will NEVER ask you to pay anything because the taxes and fees will automatically be taken out of your winnings. It makes absolutely no sense to pay money to receive your free money prize so don’t fall for their tactics and run for the hills if they dare mention that you have to pay for anything.
Proceed With Caution
Now that you’ve read how this particular email scam nearly got me, you can be very careful with emails you receive that may or may not be from a legitimate company that you have dealings or accounts with. It can be tough to spot scams these days and it sad that these people that come up with them will do anything to hurt people and steal their hard earned money or identity.
You know what red flags to look for which include anything to the email address that the email actually came from to the way the email message itself is addressed to you. It’s sad that we have to be suspicious of a lot of emails that we get in our inbox these days, but that unfortunately is the world we live in.
It scares me how close this Coinbase scam nearly got me, but once I calmed myself down and paid close attention to what the email said and the red flags it showed, I was able to see it was an email scam. Always give yourself some time to calm yourself before you react as then you’ll be able to think more clearly and look for the clues that will show the legitimacy of an email.
The company I work for will send emails every once in a while to our inbox (company’s email servers, not personal email) to test us and see if we can tell whether an email is a phishing scam or not. I have not failed one to date as I know what to look for, plus it makes it easier to know that we’re not supposed to receive emails from outside sources (except for managers), only from within the company.
Don’t worry folks, I will return with another phishing scam to look at as it seems there are no shortages of phishing scams these days. With the way events are playing out in our world currently, I fear that scammers are going to try to take advantage of it and send out more phishing scams claiming to need donations and your help for humanitarian aid to a specific country or countries. My Coinbase scam is just one of many that continue to pour into my email inbox, but I will not be taken advantage of and now that you know what to look for, you don’t either.