Security News > 2021 > July > Coinbase Users Face Ongoing Phishing Attacks
Coinbase is the largest exchange in the U.S., and researchers have detected numerous phishing campaigns against Coinbase users.
Researchers at anti-phishing firm INKY have discovered dozens of current phishing campaigns targeting Coinbase users.
If targets were fooled, and clicked the presented button, they were sent to a perfect copy of the real Coinbase login page.
Coinbase, along with most authorities, urges users to employ two-factor authentication.
Evilginx uses a Nginx HTTP server to proxy real websites to phishing victims, capturing any 2FA token that the website may send as a browser cookie to the client.
Phishing remains one of - if not the - most prolific criminal attack vectors, and phishing the user may seem a softer target than hacking the exchange.
News URL
Related news
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)