Why would this be phishing? The URLs its pointing to is straight on the Coinbase site, over HTTPS too.
https://coinbase.com/transactions/533aa310101a7b619b0001a5
How did they sign emails to be as if they were sent from coinbase too?
The only reason this would be actually dangerous is if the coinbase servers themselves were hacked and were storing passwords...
https://coinbase.com/transactions/533aa310101a7b619b0001a5
How did they sign emails to be as if they were sent from coinbase too?
The only reason this would be actually dangerous is if the coinbase servers themselves were hacked and were storing passwords...
You can request bitcoin from any email address in the world through coinbase. If the email address input matches that of a coinbase user you can see their full name associated with that Coinbase account. This is not good. Someone could very easily scrape full names/email data/ coinbase account data using this method.
These payment requests, processed through the Coinbase system, are only a click and 2FA away from executing. Fortunately, I do not use Coinbase as a wallet. Unfortunately, I and others use them for BTC purchases with fiat so customer bank ACH and credit card data is stored there.
I'm going to leave the bogus requests sitting there and see what Coinbase does about them.
