Have you received an email from Coinbase stating that you need to reclaim your account? While this is an important security feature that could potentially stop hackers from gaining access to your account, it may also be part of a phishing scam. Scammers are using a variety of tactics and methods to try and trick users into handing over their login information and all of their invested funds.

The scam goes like this: you randomly receive an email that looks like it’s from Coinbase saying that your account has been deactivated due to suspicious activity, or you need to confirm a withdrawal amount. They’re trying to get your attention and make you fearful of losing your money. Then, you’ll open the email and click the button to recover your account by inputting your login information. From there, the scammer now has your login information and can drain your account. How did this happen? What were the signs?

How to spot a fake email

Phishing emails are a form of social engineering. They attempt to trick individuals into giving up sensitive information like their passwords or credit card information in exchange for a false reward. Phishing emails typically come from fake email addresses with domain names that mimic legitimate organizations.

The email address is spelled incorrectly

Since the URL of the company is already taken by the actual company, scammers have to slightly misspell their URL. For example, instead of Coinbase with an ‘i’, the scammer will spell it as CoInbase with a lowercase “L”. This is a clever tactic because it allows them to get around security filters that block out specific known malicious URLs while still tricking users into thinking they’re clicking on the correct website. When you arrive at the fake site, you’ll be prompted to input login credentials. Since these sites look exactly like the official Coinbase website, users can easily fall for them and end up handing over their credentials unknowingly.

Compare the suspicious email with previous legitimate emails

Compare this email you’ve received to previous emails you’ve received from the company. Look at the tiny details like fine print, images, spelling, and wording. Is the logo exactly the same? Does it feature the correct email signature for the company? Is this person emailing you an actual person working for the company? Does this email sound pushy or aggressive? The scammer will try to make the email look identical, but there will almost always be red flags.

Check your account status by logging in directly with Coinbase, not by clicking a link in the email

Check your account activity on Coinbase by logging in. If nothing major has happened (no buys, sells, or transfers), then it’s likely that this email is fake. Even if something did happen on your account recently (like a password change), double-check with Coinbase directly by clicking “Contact Support” in your account settings or through their website. Never trust an unknown emailer with sensitive information about yourself or your account.

The best way to protect yourself from a Coinbase email scam is to be cautious; only click on a Coinbase email if you have initiated the communication in some way. If you receive an email that seems suspicious, look for certain telltale signs of fraud and verify any information you can independently before acting on it. Some red flags to look out for include typos, links to a fake website instead of the real one, or requests to contact a foreign address. Financial institutions, including Coinbase, will not notify you in these ways. Scammers are sending these emails to everyone, regardless of if they even have a Coinbase account. Staying educated against scam tactics is among the best practices to avoid becoming the victim of a scam.