Victim Entered Seed Phrase on Fake Site Following Convincing Phone Calls from Fraudster
A retired artist and fabricator lost more than $2 million in cryptocurrency after falling prey to a phishing scam involving a fraudster impersonating a Coinbase security representative, according to a May 17 Bloomberg report.
Ed Suman, 67, had built an impressive crypto portfolio comprising 17.5 Bitcoin (BTC) and 225 Ether (ETH) — most of which he had saved after a long career in the art world helping fabricate high-profile works, including Jeff Koons’ Balloon Dog sculptures.
After storing his assets securely in a Trezor Model One hardware wallet, Suman received a fraudulent text message in March, alerting him to supposed unauthorized access to his Coinbase account.
Shortly after, he was contacted by a man posing as “Brett Miller,” a Coinbase security staffer who appeared to know specifics about Suman’s crypto setup.
Phishing Site Posed as Coinbase Interface
Claiming that Suman’s hardware wallet was still at risk, the imposter convinced him to follow a “security procedure”, which included entering his recovery seed phrase into a website designed to look like Coinbase’s login interface.
Nine days later, a second caller repeated the same process. By the end of the call, all of Suman’s cryptocurrency holdings had been drained.
“It was my entire retirement,” Suman told Bloomberg.
The incident has spotlighted the dangers of social engineering attacks, especially those targeting crypto users with hardware wallets who assume they are safe from online threats.
Scam Coincides With Major Coinbase Data Breach
The attack on Suman occurred around the same time as a massive data breach at Coinbase, in which customer service agents in India were bribed to provide access to sensitive customer data.
According to Coinbase, the breach compromised the names, balances, and transaction histories of about 1% of its monthly transacting users.
Among those affected was Roelof Botha, managing partner at Sequoia Capital, though there is no indication his funds were compromised. Botha declined to comment.
Coinbase’s chief security officer, Philip Martin, said the agents responsible had been terminated, and the company pledged between $180 million and $400 million in reimbursements and remediation for affected users.
Final Thoughts: Seed Phrase Scams Still Claim Victims
Despite growing awareness of crypto-related scams, the case of Ed Suman underscores how well-executed social engineering can bypass even the best personal security practices — especially when seed phrases are voluntarily entered under false pretenses.
While hardware wallets remain one of the most secure ways to store crypto, experts emphasize that seed phrases should never be entered into any website, no matter how legitimate it looks or sounds.
As phishing tactics grow more sophisticated and customer data breaches expose new vulnerabilities, the crypto community faces an urgent need for better education, platform-level safeguards, and robust user authentication to stop similar attacks in the future.
