Fake CoinMarketCap Employees Target Users with Private Key Requests

TL,DR

CoinMarketCap warned about scammers posing as its support team.
The attackers seek to steal private keys or seed phrases through deception.
The company reiterated that it does not have a phone number and will never call its users.

The popular digital asset data provider, CoinMarketCap, has issued an urgent warning. It addressed the crypto community, alerting them about scammers posing as members of its support team.

According to the warning, posted this Tuesday on the company’s X account, these CoinMarketCap support impostors are actively contacting investors in an attempt to steal sensitive information.

The attackers’ goal is to trick victims into revealing their private keys or seed phrases under the false pretext of “providing help,” which would grant them full control over the affected users’ cryptocurrency wallets.

The firm, which was acquired by Binance in 2021 but operates independently, was emphatic in its statement: “BEWARE of scammers trying to impersonate CoinMarketCap members. CMC does NOT have a phone number and we will NEVER call you.”

The Rise of Social Engineering Scams

This incident highlights the growing threat of social engineering scams, a tactic where criminals psychologically manipulate people into disclosing confidential information.

Criminals pose as exchange representatives, technical support, or even law enforcement to build trust or pressure victims. According to blockchain sleuth ZachXBT, these attacks are increasingly sophisticated due to the large amount of personal information (real names, emails, case numbers) leaked online by “big firms.”

The impact of this method is in the multi-billions. A report from TRM Labs for the first half of 2025 revealed that $2.1 billion was stolen through hacks and exploits, with more than 80% of those losses originating from compromised private keys or seed phrases, mostly through social engineering.

Even Coinbase, the top US exchange, confirmed a customer data breach that led to estimated losses of $65 million between late 2024 and early 2025.

The modus operandi is similar to that seen with the CoinMarketCap support impostors: the attackers use leaked data to persuade users to move their funds to supposed “safe wallets” controlled by them.

Leave a Reply

Your email address will not be published. Required fields are marked *

Filed under: News - @ October 21, 2025 4:30 pm