The Coinbase Text Scam

Published Date: 2025/10/28

Last Updated: 2025/11/19

For the average crypto user, text scams have become a standard feature of life. No matter your experience level in the world of crypto, we are all susceptible. The scams range from simple, to highly sophisticated operations spanning multiple counties. Hence, increasing awareness is now not just an educational matter, but a shield for your wallet.

Coinbase text scams are not unique to Coinbase. In fact, every major crypto exchange has their own version of it. As well as other more intricate scam set ups that their users need to watch out for.

• Crypto Scam Example

The writer of this article has experienced other crypto scams which auto add crypto users to whats-app groups in the name of a reputable exchange (like Binance or Kraken). The scammers frame the whats-app group as an educational spot for the exchanges users, but very soon start shilling “crypto strategies” with unrealistic return claims. This strategy is particularly effective because it uses group / social reinforcement and is able to target a large set of people at once. This scam itself might be the topic of an upcoming blog post.

Summary

• How the Coinbase text scam works and why scammers impersonate Coinbase using fake withdrawal codes and login alerts.

• Why you may have received the text even if you don’t use Coinbase — including how scammers use large datasets to target victims.

• Common variations of the scam such as withdrawal confirmations, verification code requests, and airdrop messages.

• The psychology behind the scam, including urgency, fear, and action-pushing tactics used to make you click.

• How to protect yourself, by using the official Coinbase app, avoiding SMS links, and switching to an authenticator app for 2FA.

• What to do if you clicked the link or responded to the message, including immediate safety steps.

How the Coinbase Text Scam Works

• The Scam Logic & Workflow

As for the Coinbase text scam. This scam has been in operation for a number of years and has changed with the times. The basic structure of the scam involves getting a text that claims to be from Coinbase. The text is worded in a way that indicates that you must take action on your account and provides a link to where the action can be carried out.

The specific action you need to take will differ depending on the message. After clicking this link you are directed to a site that seems like its from Coinbase. From here, you are asked to give your login credentials and other bits of sensitive information. This information is then used to steal money from your Coinbase wallet. Sometimes, clicking the link leads to spyware being downloaded on your phone which is used to steal your personal information.

• Why You May Receive This Text Message

You can get this text regardless of whether or not you are a Coinbase user. This is because scammers send these texts in bulk based on the data in their datasets. If your data ends up in their dataset, you will be targeted. Your data can end up in a scammers dataset via other scams that managed to steal your data; buying your data on the dark web; buying your data from data brokers; hacks that happen to people close to you and data they scrape publicly on the internet that includes your information.

Additionally, according to Europol scammers are constantly updating their datasets and monetizing them in any way they can. This means, scammers use scams to verify their data. By sending this text, they can confirm whether or not you have a Coinbase account. This also is why scams are particularly dangerous.

For example, ask yourself, how does the scammer know that you have a Coinbase account. Or any other account. Visa, Mastercard, PayPal etc. The answer is, they don’t. At least, not at first. It is via their interactions with you that they are able to build a “user profile”. If you interact with one of these Coinbase scam texts, and you don’t necessarily lose money, but mention the bank you use. The scammer can use that information for their next attack. Therefore, your next scam text will likely say "there has been suspicious activity in your JP Morgan account" if that is the bank you use and assuming that at some point during the interaction you divulge this information.

Yes, in 2025 this is what we have to deal with this. The scammers are down with the hype in the board rooms, the scammers are now “data driven”.

Common Variations of the Text Message Scam

Below, is a list of common variations of the Coinbase text scam.

• Withdrawal-code Alerts

• Fake Login/Verification Prompts

• Phishing Links to Clone Sites

Key Lessons from the Scam – What to Learn

As you can see, there are many variations of this scam and in effect there can be infinite variations. That said, what can we learn from these examples?

• Relationship-Based Triggering

Scams target the nature of your relationship with the entity they are pretending to be. As you can see, they all use a different point of reference. The first one is related to an unclear transaction. The second one is related to a withdrawal and the third one is related to an airdrop . The scammers are flexible in the exact attack node they use, but what all of these attack nodes have in common is that they are important aspects of how you deal with the platform.

That should be our first takeaway with respect to dealing with these messages. Or other types of scam messages. If you get a text from a number claiming to represent an organization and that text talks about key aspects of your relationship with that organization, then the text is probably a scam.

Think about it this way, if the scammers were trying to pretend to be the IRS or tax authority they would talk about some taxes you haven’t paid. In this case, because they are claiming to be a crypto exchange they are talking about the major things a user does with an exchange. You don’t log into your tax portal as much as you log into your crypto account. So when the scammer pretends to be the IRS, it is unlikely that they will use logging in as their point of reference. For a crypto currency exchange, it is different. Depending on who you are, you could be logging into your account multiple times a day. So for crypto, they will talk about things like logging in, airdrops, withdrawal and the link to your bank account because these are key points of reference with which you engage your crypto currency exchange.

• Urgency & Action-Push Tactics

Secondly, we also observe that these scam messages all prompt you to take action. This is how scammers get you. They always need you to take some kind of action, and preferably sooner rather than later. To make this worse, when you contact these scammers they then put you on hold. This might seem counter to their interests but it is not. They are playing the time anxiety game. Think about it this way, in a normal conversation, the person that is controlling the pace of the conversation is the one that is likely to be the dominant interlocutor. That is what they want and what they are trying to do. By controlling the pace of the interaction with you they establish dominance over you. This is also why they always pretend to be powerful organizations and impersonate well known names. It is a dominance tactic that increases your anxiety levels and makes you more susceptible to their requests.

• Compliant Behavior as the Mechanism

Which leads me to the final point: Acquiescing to requests. Because this is what makes a scam different from a fraud. In scams we willingly comply. We do this via acquiescing to requests. And the sinister part is that, with a scam we don't know which specific request is the one that will dig our grave. The scammers create an environment where the general flow is one where we are acquiescing to requests, they want us to go with it, go with everything. Everything will be fine and we will be safe if we just go with it. From there, they won’t even directly ask for your money. But by following their program they will structure it in a way that by the end of it your money is gone. This can even be days later via a false transaction from your credit card at the other side of the world.

How to Protect Yourself from this Scam

Based on this, what actions can we take to protect ourselves from these types of scams?

• Always Access Your Exchange via the Official App or Website

Remember this: most of the time, a crypto exchange always communicates with you on the platform! Your account has a notification center where the exchange communicates with you. Especially if you have the app, because these communications can directly go to your phone's notification center. This means, you should never click a link to log into any platform unless that link was from within the platform. Scammers steal your data via external links. If we always log in manually without an external link then we are unlikely to be trapped by a fake link.

• Use Authenticator App Instead of SMS Codes

We recommend also using an authentication app for your two factor authentication as opposed to sending direct text messages with codes. These codes and direct text messages are another vulnerability point. This means, even if you have two factor authentication, make sure that it is via the app and not text messages. Keeper security wrote an interesting article explaining why an authenticator app is better than text messages. You can find it here.

Also, more importantly, it will get you used to dealing with your exchange on the platform only and nowhere else. The only time you should be dealing with your exchange outside the platform is when you contact them directly.

• Pause Before You Click or Call

Sometimes your exchange sends you periodic emails. These are legitimate. But remember that the content of those emails are things that you have agreed the exchange can communicate with you about. If the exchange is sending you emails that include content pertaining to things that you have not agreed to be informed about DO NOT TAKE ACTION IMMEDIATELY. Wait and find a way to communicate with the exchange directly, on your own terms, via the platform! If you clicked the link make sure to change all your passwords immediately.

Conclusion

As you can see from this simple case. The Coinbase text scam the scam is not one thing. It is many things, and additionally, it is not static, as time moves on the scam changes. This chameleon-like nature of scams means that in a sense, no two scams are the same. This is why No Scams believes in the power of sharing our experiences with scams. There is no shame in being scammed. The writer of this article has been scammed numerous times in recent years, both online and offline. Scams are everywhere these days and we need to develop strong educational and technical networks to defend against them. That is what is No Scam aims to be.

If you have experienced a crypto scam before Share your story on our "share your experience” page. We are also particularly interested in the funnel you experienced after you clicked on the link. Scammers develop user funnels and the deeper you go the more they can extract from you. Your experience with this scam will vary depending on how deep you went or who exactly was running the scam. Indeed, that is another factor about scams. They are never run by one person or entity, there are multiple scamming systems out there developed by different groups that each add their own specific twist to the plot. So feel free to share your experiences with this Coinbase text scam and other scams you might have experienced.

The more we share, the safer we become.