Phishing sites are malicious websites which imitate an authentic site in order to trick visitors into entering their password. To avoid phishing sites, always make sure you're entering information on https://www.coinbase.com and not a different web address.
If you believe you've encountered a phishing site, please email email@example.com with the full URL. Please also include full email headers if the phish was sent via email.
Email headers show the network path that a message took. Without them, Coinbase cannot do a full investigation as we have no way of knowing which mail server is involved. Here is an example of what a complete set of email headers looks like:
You can extract email headers following specific instructions for each email client, for example, Gmail, Yahoo have specific instructions on their help page
There are also third party services that collect email headers. For example, https://mxtoolbox.com/public/content/emailheaders/
Our security team will investigate your submission and work towards shutting down any malicious sites as soon as possible.
Thank you for helping keep Coinbase and our customers safe from phishing sites!
Links to third-party websites will open new browser windows. Except where noted, Coinbase accepts no responsibility for content on third-party websites