Phone-based attacks

What is a phone-based attack?

A phone-based attack (also known as SIM-swap or phone-port attack) occurs when an attacker has their target's phone number transferred to a mobile device under the attacker's control. Fraudsters are able to do this through a variety of means, including identity theft and socially engineering mobile-carrier customer support representatives. This type of attack is a threat to all accounts using SMS-based 2-step verification and any account that can be recovered using phone-based authentication.

How can I prevent a phone-based attack?

To help protect your Coinbase account from this type of attack, we highly recommend utilizing a stronger form of 2-step verification such as Universal 2nd Factor (U2F) with a security key or Time-based One Time Password (TOTP) with a mobile authenticator app such as Duo or Google Authenticator. To learn more about keeping your Coinbase account secure, please reference this help article.

Was this article helpful?

Can’t find what you’re looking for?

Contact us