Coinbase's Chief Information Security Officer Discusses Anti-Scam Measures Despite Annual Losses of $300 Million
Sneaky Social Engineering Hits Cryptocurrency Users
In the rapidly evolving world of cryptocurrency, social engineering scams are on the rise, especially targeting users of Coinbase. According to investigations by ZachXBT, since December 2024, users have lost over $100 million, with annual losses reaching a staggering $300 million [enz_1].
Coinbase, the leading centralized exchange, is no stranger to these deceptive attacks. A recent investigation by ZachXBT uncovered multiple instances of users losing millions in March 2025 alone [enz_2].
To better understand this escalating issue, we spoke with Coinbase's Chief Information Security Officer (CISO), Jeff Lunglhofer. Let's dive into how these scams unfold, why they're effective, and what actions are being taken to combat them.
The Seriousness of Social Engineering Scams
The first quarter of 2025 saw a significant rise in social engineering scams targeting Coinbase users. Given the increasing sophistication of hacks in the sector, this unfortunate trend does not come as a surprise.
Investigations by ZachXBT revealed numerous victims who suffered substantial withdrawals from their Coinbase accounts [enz_2]. March 28 alone brought a brutal $35 million loss, with additional victims exploited by the same scam, pushing March's total to over $46 million [enz_2].
Previous investigations by ZachXBT, concluded a month earlier, unveiled $65 million stolen between December 2024 and January 2025, with Coinbase grappling with a social engineering scam issue costing its users $300 million annually [enz_3].
Centralized exchanges, in general, have been greatly impacted by these cunning attacks [enz_4].
The Wider Context of the Situation
Data on social engineering scams in recent years is limited and somewhat outdated [enz_5]. However, the numbers in the existing reports are nothing short of shocking.
The Internet Crime Complaint Center (IC3) under the US Federal Bureau of Investigation (FBI) released its first cryptocurrency report in 2023, revealing that investment fraud constituted the largest category of complaints, accounting for roughly 46% of the nearly 69,500 complaints received, or approximately 33,000 cases [enz_5].
These scams, often referred to as "pig butchering," involve false promises of high returns with low risk, luring investors, particularly crypto newcomers driven by the fear of missing out on significant gains [enz_5].
In 2023, these schemes resulted in losses of $3.96 billion for users, representing a 53% increase compared to the previous year [enz_5]. Other social engineering scams, like phishing and spoofing, were responsible for $9.6 million in losses [enz_5].
Centralized exchanges, such as Coinbase, have been dealing with social engineering scams for quite a few years [enz_4].
New Scam Tactics and Ways They Fool Users
Coinbase scammers typically create fraudulent emails that mimic legitimate communications using cloned website images and false Case IDs. These emails are often followed by spoofed calls, leveraging private information to establish trust before sending deceptive emails [enz_3].
Once the scammer has convinced the user that the interaction is legitimate, they can exploit the situation to persuade users to transfer funds. The escalating sophistication of these scams showcases the emotional manipulation involved and the unique vulnerabilities of the victims. They also highlight that centralized exchanges are often the primary platforms for these exploitations.
ZachXBT's investigations and user reports reveal a gap between the extent of social engineering scams and how effectively Coinbase appears to manage them [enz_3]. Public discussions indicate that Coinbase has not flagged theft addresses in common compliance tools, and victims of scams, as well as users whose funds were frozen, are urging Coinbase to take stronger action against this growing and costly issue.
Understanding how these scams unfold is essential to addressing them effectively.
How are Coinbase Users Manipulated?
In January, a victim contacted the investigator after losing $850,000. In this instance, the scammer contacted the victim from a spoofed phone number, using personal information likely obtained from private databases to gain their trust [enz_3].
The scammer convinced the victim that their account had suffered multiple unauthorized login attempts by sending them a spoofed email with a fake Case ID. The scammer then instructed the victim to safelist an address and transfer funds to another Coinbase wallet as part of a routine security procedure [enz_3].
Last October, another Coinbase user lost $6.5 million after receiving a call from a spoofed number impersonating Coinbase support [enz_3].
Coinbase users have been increasingly falling prey to such deceptive tactics.
Addressing the Problem: Coinbase CISO Speaks Up
Despite Coinbase's increased understanding of the widespread harm caused by social engineering scams, Lunglhofer emphasized that the broader crypto community should address this problem collectively rather than relying on a single entity [enz_6].
"Coinbase customers are impacted, of course, we're keenly aware of it. We've been rolling [out] a number of control improvements to help protect our users, and I think more importantly, we are working with the broader industry to bring these ideas and these control uplifts across the industry, across all crypto exchanges, across everything," Lunglhofer told BeInCrypto [enz_6].
Coinbase's CISO referenced the exchange's collaborative efforts with other platforms to combat this problem in his reply [enz_6].
Specifically, Lunglhofer pointed to the "Tech Against Scams" initiative, a partnership with industry players like Match Group, Meta, Kraken, Ripple, and Gemini to fight online fraud and financial schemes [enz_6].
Lunglhofer also added that Coinbase takes an approach similar to flagging theft addresses, partnering with other exchanges to share information related to fraudulent activities [enz_6].
Conditions that Favor Social Engineering Scams
While cooperation is crucial, Coinbase, as a leading platform, must also put more proactive efforts and resources into educating its users. Social engineering is primarily a user-driven issue, not a security failure for any exchange. However, platforms like Coinbase have the critical responsibility to lead industry-wide initiatives to address these threats.
The millions lost are a sobering reminder that vigilance and collective action are paramount in safeguarding users against these increasingly refined and frequent attacks.
References:
[enz_3]: https://www.zachxbt.com/post/inas Baltic-only-scam-surfaces-as-coinbase-fails-to-flag-march-scam
[enz_6]: Interview with Jeff Lunglhofer, Coinbase's Chief Information Security Officer.
- A significant rise in social engineering scams targeting Coinbase users was observed in the first quarter of 2025, with victims losing millions from their accounts, demonstrating the escalating issue that centralized exchanges, including Coinbase, are facing.
- Investigations by ZachXBT revealed that scammers often use fraudulent emails that mimic legitimate communications, using cloned website images and false Case IDs, followed by spoofed calls, to exploit users and persuade them to transfer funds, showcasing the emotional manipulation and unique vulnerabilities these scams employ.
- To combat the growing issue of social engineering scams, Coinbase's Chief Information Security Officer (CISO), Jeff Lunglhofer, emphasized the importance of collective action within the crypto community, citing collaborative efforts with industry players, such as the "Tech Against Scams" initiative, and partnering with other exchanges to share information related to fraudulent activities.

