00:02 Hey everyone account information on less than 1%
00:06 of Bitcoin or sorry Coinbase’s uh MTUS
00:10 which is monthly transacting users. It’s
00:12 the way they measure active users. So
00:14 less than 1% of their active user
00:18 account information was leaked. Now that
00:20 is not usernames, passwords or
00:23 two-factor authentication. So none of
00:25 what was leaked directly enables uh
00:28 hackers or scammers to access your uh
00:32 account on Coinbase. But what it does
00:34 do, which is why the hackers and
00:36 scammers wanted it, was it does allow
00:39 them to run much more sophisticated
00:42 social engineering attacks. So what is a
00:44 social engineering attack? Well, a
00:46 social engineering attack is an effort
00:48 to get you to voluntarily give your
00:51 Bitcoin or or access to your account to
00:55 scammers and hackers by sweetalking you
00:59 into doing that by pretending to be
01:01 technical support
01:02 representatives. So, what does that look
01:04 like? Well, so uh they will typically
01:07 someone will call you out of the blue
01:09 claiming to be from Coinbase. They’ll
01:11 claim to have a, you know, here’s my
01:13 badge number, here’s my security
01:15 clearance, here’s my whatever. And now
01:18 that they have additional account
01:20 information, they can look more
01:22 credible. So, they can say, “Hey, I just
01:24 wanted to check, did you indeed buy a
01:27 sandwich at Panera Bread for
01:30 $13.61?” And you’re thinking, “Oh, well,
01:32 yes, actually I did. These people must
01:34 be from Coinbase.” The answer is, “No,
01:36 they’re not from Coinbase. they just had
01:39 uh they just compromised less than 1% of
01:41 accounts. Um which again is uh you know
01:44 it’s less than 1% but uh I think
01:48 Coinbase has total users of above 100
01:50 million. I’m not sure how many of those
01:52 are monthly transacting users. So let’s
01:55 assume that number is I mean it’s you
01:57 know perhaps less than a million but
01:59 that’s still a whatever that number is
02:00 is still a huge number of accounts. Uh,
02:03 but the most important things, well,
02:04 anyway, so the the scammers will call
02:07 you claiming to be from Coinbase and
02:09 they will know a lot of information
02:10 about your account. Again, they do not
02:12 have username, password, or two-factor
02:14 authentication codes, which is why
02:15 they’re calling you because they’re
02:17 going to try to trick you into giving
02:18 them that information, uh, two-factor
02:21 authentication codes, you know,
02:23 passwords, etc. Uh but they do have
02:25 enough information to get started which
02:27 is you
02:29 know okay so scammers and hackers they
02:32 use your email address and your phone
02:34 number to contact you. They use the
02:36 additional information they know about
02:38 your account on Coinbase to build
02:41 authenticity with you uh credibility to
02:44 so that you actually believe they are a
02:45 tech support rep or a security somebody
02:48 from Coinbase. And then ultimately in
02:50 the process they try to trick you into
02:52 revealing your password and your
02:55 two-factor authentication codes by
02:56 sending you links that claim are like
02:58 secure login portals for Coinbase or
03:01 Anyway, it’s super sophisticated. Uh,
03:04 first of all, Coinbase will never call
03:05 you if if you get a phone call out of
03:08 the blue from someone claiming to be
03:09 from Coinbase or from Google or from,
03:12 you know, Gemini or you name it. Um,
03:14 those companies never proactively call
03:17 you. So, if you are being called by
03:19 somebody uh claiming to be from
03:20 Coinbase, it is 100% a scam. They do not
03:23 proactively call people. They just never
03:26 do that. That’s part of their security
03:27 protocol is they never call you. Um, the
03:30 only way you can get a phone call from
03:32 Coinbase is by initiating a request for
03:35 a phone call from within the Coinbase
03:37 app. And if you do that from within the
03:39 app, uh, it will they will call you, but
03:42 they call you basically immediately when
03:44 you click initiate call and you know
03:46 it’s legit because you literally
03:48 initiated it from within the app, but
03:49 they’re never just going to call you out
03:50 of the blue. Um anyway, so how can you
03:53 So the number one thing that they got
03:54 that is most valuable to them in
03:56 addition to just sort of you know
03:58 usernames and sort of what accounts what
04:00 is account balances. They want account
04:03 balances because they want to prioritize
04:06 how sophisticated uh it’s worth being to
04:09 try to compromise someone’s account. So
04:12 obviously if they know account balances,
04:14 they’re going to they’re going to take
04:15 the entire customer spreadsheet of
04:17 information that they got. I promise you
04:20 they will sort it by account balance,
04:22 largest to smallest. That’s the very
04:24 first thing they’re going to do is
04:25 they’re going to sort it by account
04:27 balance from largest to smallest and
04:29 then they are going to start working up
04:31 their uh planned uh scamming starting
04:35 with the largest accounts. And so for
04:37 the the largest accounts, they’re going
04:38 to put their best people on it uh that
04:41 have that have no foreign accent that
04:44 are the most, you know, swab and
04:46 sophisticated. and they’re going to
04:48 spend the most time researching the
04:50 account and coming up with what they
04:52 think is the person is the person is
04:54 most likely to fall for. They’re going
04:56 to call them at the time of day that
04:57 they think the person is most likely to
04:59 be susceptible. Uh all of those things.
05:01 So for the the highest value accounts,
05:04 for example, accounts with more than a
05:05 million dollars, they’re going to be
05:07 very sophisticated trying to get that uh
05:10 Bitcoin or other cryptocurrency from
05:13 that person. For accounts between maybe
05:15 a h 100,000 and a million, they’ll be
05:17 moderately sophisticated. For accounts
05:19 with less than 100,000, they’ll probably
05:21 robo dial them. It’ll be people with
05:23 foreign accents just robo robo dialing
05:26 for dollars hoping they get lucky. Um,
05:29 so if your account balance is less than
05:31 $100,000 on Coinbase, you know, they’re
05:34 the attacks may not be super
05:35 sophisticated, but a lot of people fall
05:37 for, you know, social engineering
05:39 attacks that are not very sophisticated.
05:40 something. The person just calls and
05:42 says, you know, “Hey, I’m from Coinbase.
05:44 I’m from technical support. We’re we’re
05:46 concerned your account might have been
05:47 compromised. Um, you know, can you help
05:50 me log into your account to secure it?”
05:52 And then they ask you information like,
05:53 “What’s your email address? What’s your
05:56 password?” You know, “Okay, I’m going to
05:58 trigger a two-factor authentication
05:59 code,” which means they’re trying to log
06:00 into your account. “Okay, read me the
06:02 code.” like in obviously if they’re
06:04 calling you and then they have to ask
06:06 you what your account information is,
06:07 which they should already know if they
06:09 really were from Coinbase, it’s
06:11 obviously a scam. But a lot of people
06:12 fall for it anyway. And the
06:14 sophisticated scams do a lot more work
06:16 on the front end so that when they call
06:18 you, they already know all that
06:19 information. Not the username and
06:21 password and two-factor authentication
06:22 codes, but they know all the other
06:24 information. So they don’t have to ask
06:25 you and and you know, make it so
06:27 obvious. So what can you do about this?
06:29 Well, do what I’ve already done. do do
06:31 what numerous people have already done
06:33 which is buy a bit key bit i t ke y uh
06:36 website is bitkey.world so
06:40 bitkey.wld and move most or all of your
06:43 bitcoin to bit key. So why does that
06:46 help? Well, first of all, when the
06:48 account information leaks on
06:50 Coinbase and they sort it from highest
06:52 to lowest, guess what? your account is
06:55 not a big juicy target because your
06:57 account balance is either some, you
06:59 know, relatively low number if you keep
07:01 Bitcoin on there to use the Coinbase
07:03 debit card or your account balance is
07:06 zero because you’ve moved it all to
07:07 Bitkey or, you know, whatever it is,
07:09 it’s not some big juicy target, which
07:11 means the scammers and hackers are going
07:13 to spend much less time on you because
07:16 they see that your Bitcoin is not on
07:18 Coinbase anymore. Which means even if
07:19 they do compromise your account, so
07:21 what? they can’t get anything that’s not
07:23 on Coinbase. So, uh, so the first thing,
07:25 buy yourself a Bitkey, move most or all
07:28 of your Bitcoin, uh, to Bitkey and
07:30 that’s really it. Um, so Bitkey, the
07:33 architecture of Bitkey is they do not,
07:36 uh, because of the way government
07:37 regulations work, they are not required,
07:39 unlike Coinbase, which is required to
07:41 keep your, you know, copy of your photo
07:44 ID and your name and all the personal
07:46 information. Bit key doesn’t work that
07:47 way. The nature of Bitkey, the
07:49 architecture of Bitkey is structured
07:51 where they are not required to keep any
07:53 of that personally identifiable
07:55 information because they are not
07:57 swapping your Bitcoin for US dollars.
07:60 You’re doing that on Coinbase or
08:01 something like that. So, Bit Key does
08:03 not keep a bunch of personal information
08:05 about you for hackers and scammers to
08:06 hack, which means um there’s there’s,
08:10 you know, Bit Key customers are not
08:12 targeted uh the way Coinbase customers
08:14 are targeted. And if you do what I
08:17 recommend, which is if you have a medium
08:18 or large balance, let’s say a balance
08:20 above $10,000, certainly above $100,000,
08:24 if you keep your bit key in a safe
08:25 deposit box in a bank, then even if
08:27 scammers do call you, even if you are
08:29 temporarily tricked by their wy ways, it
08:33 doesn’t matter because your bit key is
08:36 at a bank and it takes you time to drive
08:38 there. And in the amount of time it
08:40 takes you to drive to the bank,
08:41 hopefully you’ll uh wake up out of your,
08:44 you know, mesmerized stuper that this,
08:46 you know, fake agent uh claims to be and
08:49 realize, wait a second, this whole
08:51 thing’s a scam. I’m on the phone with
08:53 somebody who’s trying to scam me. Um so
08:56 uh you know keeping uh your funds on
08:58 BitKey is basically solves between 99%
09:02 and 99%
09:04 99.9% of the likelihood of getting
09:07 hacked or scammed. Uh keeping your bit
09:09 key in a safe deposit box in a bank
09:11 solves the other.1% or 1% or whatever
09:15 microscopic bit is left. So hackers and
09:18 scammers are always going to target the
09:19 largest accounts. account information is
09:22 always going to leak on places like
09:24 Coinbase because they’re I mean when you
09:27 have a 100 million you know user
09:28 accounts and and in the case of Coinbase
09:30 they have a significant number of uh
09:32 overseas agents they use uh foreign
09:34 called centers which is obviously a huge
09:37 problem because those people are a lot
09:38 easier to bribe uh into uh you know into
09:42 compromising account information and
09:44 giving it to hackers and scammers than
09:46 US-based agents. US base agents are just
09:48 much less likely to do that because
09:50 they’re in the US. Uh they’re a lot more
09:52 likely to be caught if they do stuff
09:55 like that and it’s just they’re less
09:56 likely to do it. Um so um anyway,
09:60 Coinbase does use international agents,
10:01 overseas agents for technical support.
10:04 And in this case, that’s what happened.
10:05 Uh the scammers and hackers were able to
10:08 bribe enough overseas agents to
10:11 compromise enough accounts to be a
10:13 significant problem. Now, the last
10:15 pieces of the story here, which I posted
10:17 the video from Brian Armstrong, is the
10:19 hackers and scammers told Coinbase that
10:22 they would uh if Coinbase gave them $20
10:24 million, they would not use the
10:26 information. Basically, for $20 million,
10:29 the information that they compromised
10:31 on, Coinbase customers would never see
10:33 the light of day. uh Coinbase said no,
10:36 you know, they don’t negotiate with
10:37 terrorists is the famous saying. And
10:39 instead, Coinbase uh established a $20
10:42 million bounty for information that
10:45 leads to the arrest and conviction of
10:49 the individuals involved. So, um anyway,
10:52 it reminds me of the movie Ransom. If
10:54 you haven’t seen the the movie Ransom
10:56 with Mel Gibson, that was a a movie I
10:59 liked growing up. It’s rated R, so it’s,
11:01 you know, not suitable for children.
11:03 But, um, it’s, uh, anyway, I won’t I
11:06 won’t, uh, go into any details about it
11:08 in case you want to watch it, but, uh,
11:10 what Coinbase is doing, uh, reminds me
11:12 of the movie Ransom. Uh, so anyway, uh,
11:15 so Coinbase is putting a $20 million
11:17 bounty on the heads of the people who
11:20 are doing this for their um, uh, arrest
11:23 and conviction. And good for them. Good
11:26 job, Coinbase, for doing the right
11:27 thing. Um, but that doesn’t mean your
11:30 account information is not compromised.
11:31 And also, Coinbase has said they will
11:33 reimburse uh any losses from accounts uh
11:36 that have been compromised. It wasn’t
11:38 clear if that’s only if your account was
11:40 compromised prior to today. When would
11:43 they are releasing that that
11:44 information? One
11:47 second. It’s not clear if that’s only
11:49 from uh the past or if that is also uh
11:53 from today forward in addition to the
11:56 past. But regardless, uh, Coinbase has
11:58 announced that they will reimburse
11:59 anybody that is scammed or hacked as a
12:02 direct result of that data leak. Um, so
12:06 anyway, stay safe out there. Buy a Bit
12:08 Key, move most or all of your Bitcoin to
12:10 Bit Key, and you will not be susceptible
12:13 to the scammers and hackers the way um
12:15 the way you are if you just have a
12:17 significant account balance just sitting
12:19 there on Coinbase. Um, so anyway, do
12:22 what you can to stay safe out there. Uh,
12:24 cryptocurrency is a new technology. Any
12:26 new technology goes through phases like
12:28 this. This internet was the same thing.
12:30 When in email was first invented,
12:32 everybody on the planet was getting
12:33 emailed by Nigerian princes claiming
12:36 they needed help to unlock hundreds of
12:38 millions of dollars, etc., etc. So, um,
12:42 in this case, it’s just the same thing.
12:44 Um, it’s just, you know, cryptocurrency
12:46 is new, Bitcoin’s new, and so scammers
12:49 and hackers are chasing it all over the
12:51 place. And when people stop falling for
12:53 the scams, uh the scammers will stop
12:55 trying. And just like you get a lot
12:58 fewer emails from Nigerian princes
12:60 claiming they want to give you vast sums
13:02 of money, uh they stop sending those
13:05 emails because people stop falling for
13:06 them. So, you know, you stop falling for
13:09 them, the scammers give up and they move
13:11 on to some new tactic. But, uh stay safe
13:13 out there. Get a bit key. number one
13:15 recommendation to keep yourself in uh
13:18 safe and secure and to keep your Bitcoin
13:20 out of the hands of scammers and hackers
13:22 is buy yourself a bit key and keep most
13:25 or all of your Bitcoin on it. That is
13:28 the best way to to stay safe and secure
13:30 secure. So, have a great day everyone.
13:32 Thanks.
