Share this article
FTX Customers Hit by 'Withdrawal' Phishing Mails After SIM Swap Attack
Woes for users of Sam Bankman-Fried's former company show no signs of stopping.
Updated Aug 29, 2023, 5:16 p.m. Published Aug 29, 2023, 6:44 a.m.
FTX customers continue to be plagued by issues several months after the exchange shut down, blocking millions of users from accessing billions in capital stored on the disgraced exchange.
Some former users are getting hit by a new phishing attack on their FTX-registered emails a week after Kroll, the claims agent in the bankruptcy proceedings, was impacted by a SIM swapping attack. The attack leaked personal information of customers, such as account balances, phone numbers and home addresses.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
Customer data of other bankrupt crypto firms Genesis and lender BlockFi were also leaked in that attack. Crypto account passwords and other sensitive data weren’t affected, but customers were warned to be on the lookout for scammers impersonating parties in the bankruptcy.
Whoever got their hands on this goldmine of information lost no time in crafting hopeful emails that purport to return the lost capital to holders – as long as they first connect a crypto wallet to the account.
“You have been identified as an eligible client to begin withdrawing digital assets from your FTX account,” an email sent to several FTX creditors, viewed by CoinDesk, read. “Withdrawals will be dispatched in USDC matched to the balance of digital assets held in your wallet at the time of platform pause.”
“You can now withdraw to an external ERC20 wallet by clicking the withdraw now button,” the phishing mail states.
Connecting a wallet to such a phishing mail is likely to drain one’s token holdings, as it may request private key data to conduct the transfer.
A friend just received a phishing email to the email associated with their FTX account. pic.twitter.com/cWy3ykN4B3
— ZachXBT (@zachxbt) August 25, 2023
SIM swapping happens when scammers contact your mobile phone's carrier and trick them into activating a SIM card that the fraudsters have. The scammers then target phone numbers and use a victim’s information to steal passwords, financial data, cryptocurrencies and other valuable items.
Meanwhile, on Saturday, FTX said it had taken a “precautionary measure of temporarily freezing affected user accounts within the customer claims portal.” The claims portal is an official platform where creditors can submit details about their accounts.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Turkey's Paribu Buys CoinMENA in $240M Deal, Expanding Into High-Growth Crypto Markets
With the acquisition, Paribu gains regulatory foothold in Bahrain and Dubai and access to the region's fast-growing crypto user base.
What to know:
- Paribu acquires Bahrain- and Dubai-based CoinMENA for up to $240 million.
- Deal marks Turkey’s biggest fintech acquisition and first international crypto M&A, the firm said.
- The move taps into the MENA region’s fast-growing crypto user base and supportive regulatory hubs.
Top Stories
