Phishing sites are malicious websites which mimic an authentic site in order to trick visitors into entering their login credentials and other sensitive information. One of the best ways to avoid phishing sites is to always make sure you're accessing https://www.coinbase.com directly and not a different web address.
Report phishing emails
If you believe you've encountered a phishing site, please email [email protected] with the full URL.
If the phish was sent via email, please include full emails headers with your report. Email headers show the network path that an email took to your inbox. Without them, Coinbase cannot complete a full investigation as we have no way of identifying which mail server is involved.
To collect email headers, please reference your email providers support documents or review this webpage: https://mxtoolbox.com/public/content/emailheaders/ to find instructions related to your specific email client.
Report phishing texts to Coinbase
If the phishing message was sent via text message or SMS, please submit a screenshot of the phishing text in a message to [email protected]. You can also reduce the likelihood of receiving messages like this in the future by copying and pasting the contents into a new SMS message and sending it to 7726 (SPAM).
When we receive your report, our security team will investigate your submission and take prompt action to shut down any malicious sites targeting Coinbase customers.
Report phishing to your mobile provider
If you use a US-based cell phone carrier like AT&T, Verizon, Sprint, or T-Mobile, you can help reduce phishing attacks by sending the contents of suspicious SMS messages to 7726 (SPAM). This service is free and allows mobile carriers to detect and block malicious messages on their network.
Thank you for helping keep Coinbase and our customers safe from phishing sites!
Links to third-party websites will open new browser windows. Except where noted, Coinbase accepts no responsibility for content on third-party websites.