Retired Artist Loses $2M in Crypto Scam Linked to Fake Coinbase Support Call

A 67-year-old retired artist, Ed Suman, has lost his entire $2 million crypto portfolio after falling victim to an elaborate scam involving a fake Coinbase support agent and a phishing website that mimicked the exchange’s login interface.

Suman, a former fabricator who helped build iconic artworks such as Jeff Koons’ Balloon Dog sculptures, transitioned into cryptocurrency investing after retirement. Over time, he amassed 17.5 Bitcoin ($1.8 million) and 225 Ether ($567,000), storing them securely in a Trezor Model One hardware wallet — a method typically used to prevent theft through online attacks.

How the Scam Unfolded

In March, Suman received a fraudulent text message alerting him to suspicious activity on his Coinbase account. Shortly after, he was contacted by someone claiming to be a Coinbase security representative named “Brett Miller.” The caller appeared knowledgeable, citing specific details such as his use of a hardware wallet.

Under the guise of enhancing security, the scammer directed Suman to a phishing website resembling Coinbase and walked him through a procedure that involved entering his wallet’s seed phrase — the master key to his crypto assets. Nine days later, another fake Coinbase representative contacted Suman and repeated the procedure. Soon after, all of his crypto was gone.

“I did everything I thought I was supposed to do. They made it sound like they were protecting me,” Suman told Bloomberg.

Crypto scammers impersonate Coinbase support. Source: NanoBaiter

Connection to a Broader Coinbase Data Breach

Suman’s loss comes in the wake of a recent Coinbase data breach, which reportedly involved contracted customer support agents in India being bribed by attackers to leak sensitive user data. According to Coinbase, the breach exposed:

• Full customer names

• Transaction history

• Account balances

The exchange said the breach impacted around 1% of its monthly transacting users.

Among those affected was Roelof Botha, managing partner at Sequoia Capital. While there’s no evidence his funds were compromised, the incident underscores the broader vulnerabilities in centralized crypto platforms, particularly regarding third-party support operations.

Coinbase's Chief Security Officer Philip Martin confirmed the Indian-based agents involved in the breach were terminated. The exchange has committed to paying between $180 million and $400 million in reimbursements and remediation to affected customers.

Phishing: A Persistent Threat in Crypto

The Suman case highlights how phishing scams remain one of the most effective and damaging attacks in crypto. Even users with hardware wallets — widely considered one of the safest storage methods — can be compromised if their seed phrase is exposed.

Security experts continue to warn users: Never enter your seed phrase into any website, regardless of how convincing it may appear. Legitimate crypto platforms will never ask for your seed phrase, especially over the phone or via unsolicited communication.