Coinbase, a cryptocurrency platform, is the latest victim of a social engineering attack. Social engineering occurs when cybercriminals manipulate you to try to steal your sensitive information. 

In this Coinbase attack, a cybercriminal sent smishing (SMS phishing) messages to their employees containing a link directing them to log in to their company accounts. Shortly after one employee clicked this link, Coinbase spotted and prevented the cybercriminal from gaining internal access. Later, the cybercriminal called this same employee claiming to be from Coinbase’s IT department. The employee thought the call was legitimate, and the cybercriminal stole sensitive information over the phone. 

Follow the tips below to stay safe from similar scams:

• Always be cautious of unexpected text messages.
• Think before you click! Cyberattacks attempt to catch you off guard and pressure you to act impulsively.
• Before sharing any sensitive information over the phone, verify that the caller is who they say they are.

 
If you receive a text or call from the OIT HelpDesk, call our office back at 865-974-9900 to make sure we are actually the people calling or texting.