pull down to refresh

Minnesota man clicks email link, watches Bitcoin fortune drain awaywww.startribune.com/minnesota-man-clicks-email-link-watches-bitcoin-fortune-drain-away/601359586
40 sats \ 4 comments \ @Coinsreporter 16h bitcoin
No Paywalled: https://archive.is/4RwPq
The man, identified only as J.S. in the filing, told Tuzinski in September 2024 that “he was on his phone when he received an email from what he thought was Coinbase support. J.S. said he kept all his digital assets, which included over 40 Bitcoin, on his Coinbase Wallet app.”
J.S. continued that “after he clicked on a link contained within the email, he realized the email was not legitimately from Coinbase and suspected it was a phishing attack. J.S. then went to his Coinbase Wallet app and saw his digital assets were being moved out of his wallet.”
The man estimated that the sum of his digital assets in various accounts totaled $2.4 million, nearly all of it in Bitcoin.
write
preview
related posts
17 sats \ 1 reply \ @grayruby 16h
Ouch and people say self custody is too risky.
reply
0 sats \ 0 replies \ @SimpleStacker 15h
But i mean... this person could easily have been pwned with self custody too, maybe even easier.
reply
0 sats \ 0 replies \ @SimpleStacker 15h
How, tho? With one link? I guess the link used Coinbase credentials saved on his phone or something. But does that mean the link was able to spoof itself as the real coinbase app? I'm not sure how these phone security features work.
Anyway, even if you use custodial, I would recommend using whitelisting. That way, funds can only be moved to bitcoin addresses you already trust, and it takes something like 48 hours to whitelist a new address.
reply
0 sats \ 0 replies \ @rootmachine 16h
this is painful. poor guy. better go self-custody next time... if there is any next time.
reply