SIM-Swap Account Takeover Targeting Coinbase Users
Criminals port Coinbase users' phone numbers to a SIM they control, intercept Coinbase's SMS verification codes, and rapidly drain cryptocurrency holdings. Coinbase's large retail user base and the irreversibility of crypto transactions make SIM-swap attacks especially lucrative.
Part of: SIM Swap Scams
Last reviewed: 8 June 2026
Coinbase is one of the most widely used cryptocurrency exchanges in the world, and it has been the target of documented SIM-swap campaigns. Because many Coinbase users enable SMS as their two-factor method for convenience, a successful phone-number port can unlock the entire account — including significant cryptocurrency balances — in a matter of minutes.
The attacker's path begins before the SIM swap itself: they gather the victim's name, phone number, carrier, and enough personal details — often from social media, data brokers, or prior phishing — to impersonate the victim when contacting the carrier. Some attackers bribe carrier insiders or use social engineering scripts refined through repeated use.
Once the port succeeds, every SMS Coinbase sends to the victim's number arrives on the attacker's device. They trigger a password reset, confirm it via SMS, change the email address, and start moving funds to external wallets — all irreversible cryptocurrency transactions.
How this scam works on the Coinbase brand
Real Coinbase security relies on the registered email address and the phone number or authenticator app linked to the account. Coinbase sends email alerts for new-device logins and significant account changes. These alerts are the victim's best early warning — but they arrive on the compromised email or are dismissed by the attacker before the victim sees them.
A typical SIM-swap against Coinbase unfolds rapidly: the port completes, the attacker opens accounts.coinbase.com, clicks 'Forgot password,' enters the victim's email, receives the reset SMS, changes the password, updates the linked email, disables the victim's 2FA, and withdraws available balances. Some attackers also move funds via Coinbase's 'Send' feature to obscure wallets before the victim notices.
Coinbase has historically worked with carriers and law enforcement to investigate SIM-swap cases, and the exchange has introduced account-protection features such as requiring email-based verification for phone-number changes. However, once funds are withdrawn to an external wallet, recovery is extremely difficult.
Common red flags
- Your phone loses all carrier service unexpectedly
- Coinbase sends a password-reset email you did not request
- A 'new device login' alert arrives from Coinbase for a device and location that is not yours
- Your linked phone number has been changed in your Coinbase account settings
- Cryptocurrency balances have moved from your Coinbase account without your action
How to protect yourself
- Switch Coinbase's two-factor authentication from SMS to a hardware security key (YubiKey) or an authenticator app
- Set a SIM-lock or porting PIN with your mobile carrier to prevent unauthorised number transfers
- Enable Coinbase's advanced account protection features, including email verification for phone-number changes
- Use a unique email address for Coinbase that you do not share with other services
- Monitor Coinbase login alerts and act immediately on any notification you did not initiate
- Store large amounts of cryptocurrency in a hardware wallet not connected to your exchange account
How to report it
- Contact your mobile carrier immediately to reverse the SIM swap and restore your number
- Report to Coinbase support at help.coinbase.com and request an account freeze
- File a report with the FTC at reportfraud.ftc.gov and at identitytheft.gov
- Report to IC3.gov (US) or Action Fraud 0300 123 2040 (UK)
- File a police report — some carriers and insurers require this for SIM-swap fraud claims
Frequently asked questions
Has Coinbase been targeted by SIM-swap attacks before?
Yes. Coinbase has publicly acknowledged that a significant number of customers were affected by SIM-swap attacks and has worked with law enforcement and updated security features in response. No exchange is immune while SMS 2FA remains widely used.
Does Coinbase offer anything stronger than SMS 2FA?
Yes. Coinbase supports TOTP authenticator apps and hardware security keys, both of which are far more resistant to SIM swapping than SMS codes. You can update this in your Coinbase Security settings.
Are Coinbase losses from SIM swaps covered by any insurance?
Coinbase maintains crime insurance for funds it holds in hot wallets, but this typically covers exchange-level breaches, not individual account compromises. Coinbase evaluates individual cases, but recovery is not guaranteed.