Security News > 2021 > July > Coinbase Users Face Ongoing Phishing Attacks
Coinbase is the largest exchange in the U.S., and researchers have detected numerous phishing campaigns against Coinbase users.
Researchers at anti-phishing firm INKY have discovered dozens of current phishing campaigns targeting Coinbase users.
If targets were fooled, and clicked the presented button, they were sent to a perfect copy of the real Coinbase login page.
Coinbase, along with most authorities, urges users to employ two-factor authentication.
Evilginx uses a Nginx HTTP server to proxy real websites to phishing victims, capturing any 2FA token that the website may send as a browser cookie to the client.
Phishing remains one of - if not the - most prolific criminal attack vectors, and phishing the user may seem a softer target than hacking the exchange.
News URL
Related news
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- iOS devices face twice the phishing attacks of Android (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Low-tech phishing attacks are gaining ground (source)
- MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks (source)
- Focused Phishing: Attack Targets Victims With Trusted Sites and Live Validation (source)
- CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users (source)