Is it possible for someone to spoof an email address, let’s say from Coinbase.com?
Discussion
Yes
absolutely, this is a very useful tool to check the headers and possibly determine where it really came from:
Yes! But depends on DKIM and SPF records, as well as your email server that receives that email. If done right, not possible, other wise it is! PGP signed or S/MIME sines messages are the best proof of authenticity! 🐶🐾🫡
Someone totally just tried to scam me, fuckers.. TG my account is empty.. omg. I should call this out in a separate note.
Did you get SIM swapped?
What! Can you call Coinbase and somehow revert the transaction? This is insane! 🐶🐾🫂
Spoofing emails is really really easy but like others have said modern security like DKIM makes it easy to spot. Most email providers automatically put emails in spam if the headers don't match or are absent.
They didn’t spoof, it was a real email from Coinbase, and someone else with my email sending an email change request
I have to say, this crap is the best argument against Bitcoin. Cyber security is a mystery to 99.99% of normies and 90% of Bitcoiners. It may be a long grind before they/we are informed and equipped enough to handle our wealth safely. Tricky.
Tricky part is they didn’t even have to spoof it, as difficult as that would be, they just had to scam around it.. Agree, normies could have easily been played…
Trying to get a non techie friend setup now with cold storage… How do I get him comfortable with it..
Would having like a quick checklist for non tech people be helpful? I normally take care of the InfoSec things for my family and friends when they ask, but what would be the best way to warn people without constantly being there to help? Some sort of cheat sheet for spoofing, scamming, phishing, etc? Things to trust and not trust? Would help to get perspective from general public. 🐶🐾🫡
Jameson Lopp has great articles about cybersecurity and Bitcoin.
It’s definitely a good start.