Fake Coinbase Account Suspension Phishing
Fraudsters send fake Coinbase account-suspension emails to panic users into submitting credentials on phishing pages. Coinbase suspensions are communicated through in-app notices and official email — never via links demanding immediate re-verification.
Part of: Fake Suspended Account Appeal Scams
Last reviewed: 7 June 2026
Account suspension emails are a classic phishing vector because they create immediate fear of losing access to financial assets. In the context of a cryptocurrency exchange like Coinbase, where account balances may represent significant value, this fear is amplified — and scammers exploit it expertly.
Fake Coinbase suspension emails range from relatively crude to highly sophisticated. The most convincing versions use Coinbase's actual visual design, reference real Coinbase policy language about KYC compliance, and include a credible-sounding reason for the suspension such as 'unusual login activity' or 'identity verification required by new regulations.'
Coinbase does send genuine account-related emails for KYC updates, security reviews, and policy changes. The difference is in what action they require and where they direct users. Genuine Coinbase communications ask users to visit coinbase.com directly — they do not embed single large 'Verify Now' buttons that bypass the normal login flow.
How this scam works on the Coinbase brand
An email subject line reading 'Your Coinbase account has been temporarily suspended' contains Coinbase's logo, a brief explanation citing regulatory compliance, and a prominent 'Verify Identity' button. Clicking the button opens a multi-step form on a phishing domain that collects the user's email, password, 2FA code, and sometimes even a photo ID upload — the last step providing the attacker with enough data for full identity fraud.
A simpler version mimics a Coinbase transaction decline email, claiming the account is suspended because a payment was blocked. It asks the user to 'complete verification' via an embedded link within 24 hours or the account will be permanently closed.
Coinbase genuinely communicates account restrictions through the in-app notification system and through email from @coinbase.com. If there is a KYC update needed, logging in directly at coinbase.com will show a banner or prompt — the required action is always visible after logging in through the real site, not exclusively accessible via an email button.
Common red flags
- An email from a [email protected] address claiming your account is suspended
- A 'Verify Identity' button in an email that links to any domain other than coinbase.com
- Urgency language: 'Your account will be permanently closed in 24 hours'
- A multi-step verification form on an external site asking for password, 2FA, and ID photo
- The email is addressed generically ('Dear User') rather than your registered name
- No corresponding alert visible when you log in directly at coinbase.com
How to protect yourself
- Never click 'Verify' or 'Restore Account' buttons in emails — log in directly at coinbase.com to check account status
- Verify sender email addresses character by character before taking any action
- Use coinbase.com/verify-email to check whether a Coinbase email is authentic
- Enable 2FA with an authenticator app so a captured password alone is insufficient
- Report the email to [email protected] and delete it without further interaction
How to report it
- Forward phishing emails to [email protected]
- Report to IC3.gov (US) or Action Fraud (UK)
- Submit the phishing URL to Google Safe Browsing
- Report to your national data protection authority if an ID photo was submitted to a scam site
Frequently asked questions
How does Coinbase communicate a real account suspension?
Real Coinbase account restrictions are visible when you log in directly at coinbase.com. You will see a banner or prompt detailing what is needed. Coinbase emails about restrictions come from @coinbase.com and ask you to log in at coinbase.com — not to click through to an external verification site.
Is it safe to upload my ID to a verification page linked from an email?
Only if you have independently verified the site is genuinely coinbase.com. If you arrived via an email link, first verify the URL and check for the email's authenticity. Uploading an ID photo to a scam site enables identity fraud beyond just account compromise.
What if I entered my password but not my 2FA code?
Change your Coinbase password immediately from a known-clean device. Enable 2FA with an authenticator app if not already done. Check your Coinbase Security Log for unauthorized login attempts and report the phishing email to [email protected].