Kaspersky warns of Сoinbase phishing campaign targeting Windows users

Khadamaty-New

Cybersecurity firm Kaspersky has unveiled a sophisticated phishing campaign targeting users of Coinbase — the global cryptocurrency exchange — with a particular risk to Windows-PC users in Egypt and the Arab region. The campaign highlights growing concerns about crypto scams, phishing attacks and digital security in the MENA fintech and blockchain sectors.

According to Kaspersky, the attack begins with an email purporting to be a Coinbase account statement. Recipients are urged to click a link and download the claimed statement — but only via a Windows-based desktop or laptop device. Upon opening the file, g malicious remote access software automatically installs and allows threat actors full control of the machine. The attackers then capture the user’s Coinbase login credentials, enabling crypto theft or account takeover. This method corresponds to the classic phishing playbook.

“This phishing campaign is a stark reminder of how cybercriminals exploit trusted platforms like Coinbase to deceive users. By masquerading their tool as a legitimate account statement, attackers are weaponising user trust,” said Olga Altukhova, Senior Web Content Analyst at Kaspersky.

For users in Egypt and the broader Arab region — where crypto awareness is rising amid regulatory ambiguity and where the risk of online fraud is high — it is critical to adopt preventive measures. These include verifying unsolicited emails or links, never sharing two-factor-authentication (2FA) codes, avoiding downloads of unexpected attachments, and using trusted security solutions. In its official guidance, Coinbase reminds users that it will never ask for passwords, seed phrases or request the download of software from unverified links.

Given the surge in digital transformation, crypto adoption and investment activity in Egypt, vigilance is vital. Phishing attacks like this erode trust in the crypto ecosystem and underscore the need for stronger cybersecurity practices among individual investors and institutional players alike in the MENA region.