CoinGecko Users Targeted by 23,000 Phishing Emails After Email Provider Breach

CoinGecko Data Breach Phishing scams
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Last updated:
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Junior Content Creator
Junior Content Creator
Harvey Hunter
Author Categories
About Author

Harvey Hunter is a Junior Content Creator at Cryptonews.com. With a background in Computer Science, IT, and Mathematics, he seamlessly transitioned from tech geek to crypto journalist.

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more

Cryptocurrency data aggregator CoinGecko has confirmed a data breach of its third-party email platform GetResponse, exposing over 23,000 users to phishing emails.

This came following yesterday’s reports of a new wave of crypto airdrop scams, suspected to affect CoinGecko.

On June 7th, CoinGecko released an announcement confirming that GetResponse suffered a data breach on June 5th. It allowed attackers to export the contact information of over 1.9 million users.

CoinGecko confirmed a compromised employee email as the cause of the data breach. They said:

“An attacker had compromised a GetResponse employee’s account, leading to a breach. We received confirmation from the GetResponse team on 6 June 2024, at 11:58 AM UTC, that a data breach had occurred.”

The compromised data includes users’ names, email addresses, IP addresses, and email open locations. Metadata such as sign-up dates and subscription plans were also exposed. CoinGecko user accounts and passwords remain secure and uncompromised.

CoinGecko Data Breach Affects Over 23,000 Users

Despite CoinGecko’s primary email domain remaining uncompromised, the attacker was still able to send 23,723 phishing emails. CoinGecko confirmed:

“The attacker exported 1,916,596 contacts from CoinGecko’s GetResponse account and sent phishing emails to 23,723 emails from another GetResponse client’s account (alj.associates).”

Phishing is a scam where attackers deceive people into revealing sensitive information, like crypto wallet private keys.

Other phishing attacks, known as address poisoning scams, aim to trick investors into willingly sending funds to a fraudulent address that looks similar to addresses they previously interacted with.

In response, CoinGecko provided steps on how users can protect themselves from potential scams. They encourage users to avoid unfamiliar or misleading domains, clicking on links, downloading attachments from unsolicited sources, and token airdrop offerings.

Crypto Scammers’ Tactics Are Evolving

Leaks of private keys and personal data have become the primary cause of cryptocurrency-related hacks. Exploiters now target these vulnerabilities, opting for easier targets rather than attempting to breach more complex protocols.

Over 55% of the hacked digital assets were lost to private key leaks during 2023, according to Merkle Science’s 2024 HackHub report.

Crypto total losses by vulnerabilities. Source: Merkle Science

This trend emerges amid rising use of scam tactics that leverage AI, ushering in a new era of cyber threats. These tactics include deepfake scams, state-sponsored attacks, and other sophisticated illicit activities.

Deepfake videos frequently exploit the likeness of influential figures to promote fraudulent investment schemes. They falsely imply that the project has legitimate or official backing, legitimizing it among potential victims.

Most recently, over 35 YouTube channels live-streamed the Space X launch using an AI-generated voice to impersonate Elon Musk.

The scheme exploited Musk’s likeness to instruct viewers to send Bitcoin or Ethereum to an address to get double back. They claimed “This is not a fake, this is a real giveaway. I personally guarantee it to you.”

https://twitter.com/ference/status/1798721708742029412

There have also been instances of deepfake technology impersonating high-level executives during online meetings. This exploits the figure’s position to potentially authorize large transactions, impacting both the corporate and crypto sectors.

More Articles

Price Analysis
Four XRP ETF Filings Hit the SEC – Will This Push XRP to New All-Time Highs?
Simon Chandler
Simon Chandler
2025-02-07 14:12:04
Industry Talk
Berachain’s BERA Airdrop Surges 71% – Can it Overtake Solana?
Simon Chandler
Simon Chandler
2025-02-07 14:05:52
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors