$2M Coinbase Scam: Fake Support Impersonator Tricks Users in Phishing Plot
A cryptocurrency scam involving a fake Coinbase support agent has allegedly resulted in more than $2 million in stolen digital assets...
Quick overview
- A cryptocurrency scam involving a fake Coinbase support agent has led to over $2 million in stolen assets through social engineering tactics.
- The scammer, a Canadian actor, impersonated Coinbase support to extract sensitive information from victims via convincing emails and chats.
- ZachXBT tracked the scammer by analyzing social media activity and found that the thief flaunted his lifestyle online, making him easier to identify.
- To protect against such scams, users are advised to ignore unsolicited support messages, avoid clicking suspicious links, and use strong security measures.
A cryptocurrency scam involving a fake Coinbase support agent has allegedly resulted in more than $2 million in stolen digital assets, according to on-chain investigator ZachXBT. The researcher claims the theft occurred through a brazen social engineering campaign targeting exchange users via a series of convincing emails and fake support chats.
ZachXBT broke down the scam in a post shared on X, detailing how he tracked down the alleged scammer by cross-checking Telegram activity, leaked screen recordings, and social media posts. He says this Canadian actor impersonated Coinbase customer support to convince people to hand over sensitive login details or authorise dodgy transactions.
ZachXBT Track Down the Scammer
Another thing that helped ZachXBT track down the scammer was that the bloke was bragging online about his lifestyle, sharing photos and stories on social media that made it easy for the investigator to spot tell-tale patterns. ZachXBT says rather than trying to launder the stolen cash, the thief just went out and splashed it on silly stuff like rare Telegram usernames, a good time at the casino, and bottle service at the club – the usual.
1/ Meet Haby (Havard), a Canadian threat actor who has stolen $2M+ via Coinbase support impersonation social engineering scams in the past year blowing the funds on rare social media usernames, bottle service, & gambling. pic.twitter.com/bBqrV7GmPi
— ZachXBT (@zachxbt) December 29, 2025
A leaked video shows the alleged scammer talking directly with a victim while pretending to be official support staff – and this is actually quite a clear example of how the scammer established trust before telling the poor bloke to do something that cost him big time.
How Social Engineering in Crypto Works
Social engineering is still one of the most successful attack methods in the world of crypto. The reason is simple – it targets human behaviour. So, rather than trying to break into your exchange account by hacking into it, a scammer will try to make you give them what they want.
These social engineering attacks rely on using urgency, authority, and a bit of a lie to get what they want. They’ll tell users that their account needs to be “secured” urgently, or that there’s been a suspicious transaction that needs to be sorted out – and before you know it, they’ve got what they want.
Some of the common tactics that scammers use in their support impersonation scams include:
- Pretending to be exchange staff via Telegram or phone
- Sending fake security alerts or links that look like they’re from the exchange
- Asking for your private keys or one-time codes
- Telling you to approve their malicious transactions
- Copying the language and branding of the exchange they’re impersonating
ZachXBT also pointed out that this scammer had the bright idea of creating loads of new Telegram accounts and spending a pretty penny to buy high-value usernames to make himself look legit. But in the end, he got caught because he couldn’t resist posting about his lifestyle on social media, which made it pretty easy for ZachXBT to track him down.
ZachXBT also claimed to have identified the scammer’s location but held back on releasing that info due to platform rules.
How to Protect Your Crypto Holdings
Security awareness is just not good enough in the world of crypto – especially when it comes to new users who have no idea that legitimate exchanges will never initiate private contact or ask for sensitive details. This is a major gap in the industry that’s allowing scammers to get away with a lot of money.
JUST IN: ZachXBT Unmasks $2M Coinbase Scammer in Canada 🇨🇦 – ‘Haby’ Identified After Months of On-Chain Tracking and Reported to Authorities pic.twitter.com/oQAP4jDLmz
— MAGAgeddon (@MAGAgeddon) December 29, 2025
But here’s the good news – it’s not that hard to protect yourself from these scams. And here’s how:
- Don’t react to any messages claiming to be “support” – ignore them
- Don’t click on any links that you get via email, SMS, or Telegram
- Use a different password for every platform – this keeps your accounts safe
- Enable two-factor authentication wherever possible
- Keep long-term holdings in a hardware wallet
- Contact support only through their official website or verified apps
While the blockchain enables tracking stolen funds back to the source, the chances of getting your money back once it’s moved to another wallet are about zero. The Coinbase impersonation scam is a great example of just how big a problem these social engineering scams have become in the world of crypto.
- Check out our free forex signals
- Follow the top economic events on FX Leaders economic calendar
- Trade better, discover more Forex Trading Strategies
- Open a FREE Trading Account
Save