Kaspersky Flags Coinbase Phishing Scam Targeting Windows Users

No photo availableByStaff Writer
2 min read
The attackers lured victims into downloading software disguised as an account statement. Once installed, the software gave hackers access to the victims’ computers and ultimately their accounts.
Image by Pngtree

Cybersecurity firm Kaspersky has uncovered a phishing scheme aimed at users of Coinbase, the popular cryptocurrency exchange platform. The attackers lured victims into downloading software disguised as an account statement. Once installed, the software gave hackers access to the victims’ computers and ultimately their accounts.

The campaign begins with an email telling users to view their Coinbase account statement by following a link. The download is claimed to be viewable only on Windows-based desktops or laptops, pressuring users to open the file on a Windows machine.

After clicking the link, users are led to a webpage that prompts them to open the file on Windows. When they do, remote-access software installs on their machine, giving attackers control. The phishing setup then directs the user to log into their Coinbase account, while their credentials are visible to the attacker making it possible for hackers to steal crypto funds or lock users out entirely.

After clicking the link to view the alleged Coinbase account statement,
users were directed to a page prompting to reopen it on Windows.

“This phishing campaign is a stark reminder of how cybercriminals exploit trusted platforms like Coinbase to deceive users. By masquerading their tool as a legitimate account statement, attackers are weaponising user trust. We urge everyone to verify links and files before opening them. Legitimate services would never ask a user to open links on their desktop or laptop computers running specifically Windows OS,” explained Olga Altukhova, Senior Web Content Analyst at Kaspersky.

A view of the attackers’ dashboard which allows them to view different user metrics.

To protect against such phishing attacks, Kaspersky recommends the following:

  • Verify unsolicited messages, calls, or links even if they appear legitimate. Never share two-factor authentication codes.
  • Be wary of videos showing unnatural movements or overly generous offers, which may signal deep-fakes.
  • Deny camera access requests from unverified sites and avoid uploading your signature image to unknown platforms.
  • Limit the sharing of sensitive details online, such as document photos or work-related information.
  • Ensure your devices are protected with reliable security software and regular system updates to reduce the risk of phishing.

Leave a Reply

Your email address will not be published.

Do you have a story that you think would interest our readers? Write to us editorial@cioafrica.co