Coinbase, a cryptocurrency platform, was the latest victim of a social engineering attack. Social engineering occurs when cybercriminals manipulate you to try to steal your sensitive information.
In this recent attack, a cybercriminal sent smishing (SMS phishing) messages to Coinbase employees. These messages contained a link directing employees to log in to their company accounts. Shortly after one employee clicked this link, Coinbase saw and prevented the cybercriminal from gaining internal access. Later, the cybercriminal called the same employee and claimed to be from Coinbase’s IT department. The employee thought the call was legitimate, and the cybercriminal stole some sensitive information over the phone.
Follow the tips below to stay safe from similar scams:
- Always be cautious of unexpected text messages.
- Think before you click! Cyberattacks are designed to catch you off guard and make you act impulsively.
Before you share any sensitive information over the phone, verify that the caller is actually who they say they are.
Stop, Look, and Think. Don’t be fooled.
Protect your network! Learn more about security awareness training for your team.