At the moment, this phishing campaign takes the form of a New terms of service agreement that Coinbase users must read and accept in order to continue using the service.
Things like that have constantly happened during the past few years. Here’s what one user said:
Recently received an authorization email from “coinbase” claiming that a new device is requesting access to your account. The email said the IP location was from Russia, so I scrolled down and hit “cancel request”.
How to protect Microsoft 365 account from Coinbase phishing?
As said before, the New terms of service agreement isn’t always what it seems. Clicking on the Read and Accept Terms of Service FAQ link leads you to a legitimate Microsoft page.
You are asked to log in to the Microsoft account. Pay attention to the URL and see if it asks for the User.Read, Mail.Read, and Mail.ReadWrite permissions.
Once in your Microsoft account, you’ll see a new prompt to allow an app from coinbaseterms.app to access your account.
At this point, do not accept the app’s request or else you risk turning into a victim of a fraudulent practice that may a huge impact on your security.
The security token associated with your account will fall into the wrong hands and will get compromised in no time.
Hackers will be able to access your mail, contacts, personal notes, and any sensitive information stored on your cloud storage space.
Let us know if this has ever happened to you in the past, by using the comments area below.