My complaint:
On 7-20-2021 at approximately 10:20 am someone ported my phone number over (Metro Pcs Provider) to an unknown device. This took place within 3 weeks of becoming involved in Cryptocurrency with coinbase, and no other exchanges. I have had that phone number for over 20 years with no issues until joining coinbase.
As per your policy to stop this type of scam, you are supposed to block transfers for up to 48 hours when what happened to me takes place, and for some reason you did not. You have denied a password reset ever took place, and consider the case resolved, despite me having and offering you proof that it did take place which was sent from your company. Instead of asking for this info when I made you aware of it, you stopped replying.
My account was accessed from an unknown device, with an unknown IP, from a location (Raleigh) no where near where I live, and all of that minutes after the only password reset that ever took place on that 3 week old account.
After they took phone number over they used it to reset my hotmail password (because based on Coinbases’ suggestion I had enabled 2 factor authentication, which is what made this scam possible) and used the hotmail account and phone they took over to reset my Coinbase password. Once in there, they converted everything I had into Ethereum and transferred it out to this address.
0x477cbB8233E9a3cfB492128B72DEe012a0E0b860.
Something I found strange after investigating this is that the thief took the time to delete all the emails showing this happened and then went to delete folder and removed them. They spent all that precious time while in control of my phone number before trying to access other accounts like my bank, as if it was very important, even though all that info is also saved on your site as well. I restored those emails and it wasnt until your company denied the password reset I thought again about them. Only thing deleting the action trail would accomplish that I can think of is to leave me with no proof that a password change had actually taken place.
$600 of those funds should not have been available until 2 days later, but were still converted and transferred somehow. This combined with how often this happens to Coinbase customers, especially those who are in the first month of joining coinbase, and add to it the fact the password reset is being denied by your company shows that this is an employee who has enough access to delete that action after taking it.
I have proof I can provide of everything mentioned here, and can provide it upon request.
Suggested solution:
I do not want the small amount of cash the thieves stole when the market was crashed and they didnt care about wasting it all on fees associated with converting and transferring it all.
I want back the number of shares I possessed of each Crypto before this intrusion was allowed to bypass the 48hour account lock and convert then transfer everything.
I also want you to put something on your site educating people about this scam in order to help them avoid it. Just like you offer learning about crypto, you should also offer learning about how to avoid Sim Swap scams and other scams associated with Crypto.
After multiple emails from coinbase lying to me and telling me they had no record of a password reset, they finally told the truth and admitted there was a password reset. That password reset came from an unkown IP, on an unrecognized device from a location in Raleigh over 1000 miles away from where I have done 100% of my business. Despite all that and despite having a system in place to prevent transfers when that happens, all of my assets were allowed to be converted into ethereum (an action that is probably how 99.99% of these account intrusions end)… Read more »