Core Viewpoint - The recent rise in security risks within the cryptocurrency market is highlighted by a case where a fraudster impersonated a customer service representative from Coinbase, illegally obtaining approximately $2 million in crypto assets from multiple users [1][4]. Group 1: Fraud Details - The fraudster utilized sophisticated social engineering techniques to gain the trust of victims, reflecting the vulnerability of human factors in the decentralized finance ecosystem [1][4]. - The investigation led by ZachXBT revealed that the fraudster's identity was tracked through cross-referencing Telegram chat screenshots, social media activity, and on-chain wallet transactions [1][4]. - Despite attempts to conceal their identity by frequently changing Telegram usernames and deleting old accounts, the fraudster's ostentatious display of wealth online provided crucial evidence for tracking [1][4]. Group 2: Psychological Manipulation - The core of social engineering fraud lies in the precise manipulation of victims' psychological expectations, often creating a high-pressure environment that leads victims to lower their guard [2][5]. - Fraudsters typically create professional-sounding customer service environments and provide seemingly official email responses to mislead victims into believing they are addressing urgent security issues [2][5]. Group 3: Risk Prevention Strategies - Establishing a systematic security defense framework is deemed essential, with recommendations for investors to adhere to the principle of "not sharing unless necessary" [2][5]. - It is advised that investors utilize physical security keys for cross-platform identity verification instead of relying solely on SMS codes, as traditional protective measures are becoming insufficient [2][5]. - Storing large assets in offline hardware wallets is recognized as one of the most effective risk mitigation strategies [2][5]. Group 4: Industry Regulation and User Awareness - Strengthening the collaboration between industry regulation and technical monitoring is crucial for protecting investor interests, with calls for trading platforms and third-party security agencies to establish rapid warning mechanisms [3][6]. - Users are encouraged to enhance their operational security awareness by avoiding excessive exposure of their asset holdings or personal contact information on social media [3][6]. - Regular self-checks of account security settings and consulting through official channels are recommended to safeguard digital wealth in a complex market environment [3][6].

吴说获悉，据链上侦探 ZachXBT 披露，加拿大威胁行为者 Haby（Havard）通过冒充 Coinbase 客服实 施社会工程学诈骗，在过去一年中盗取超过 200 万美元加密资产，并将赃款挥霍于稀有社媒用户名、夜 店与赌博等消费。调查称，Haby 近期频繁购买昂贵 Telegram 用户名，并在两天前删除近期账户。通过 OSINT 分析，其位置疑似在温哥华附近的阿伯茨福德。ZachXBT 表示，加拿大执法机构或已掌握相关 信息，但当地类似案件起诉率较低。 （来源：吴说） ...