Share this article
FTX Customers Hit by 'Withdrawal' Phishing Mails After SIM Swap Attack
Woes for users of Sam Bankman-Fried's former company show no signs of stopping.
Updated Aug 29, 2023, 5:16 p.m. Published Aug 29, 2023, 6:44 a.m.
FTX customers continue to be plagued by issues several months after the exchange shut down, blocking millions of users from accessing billions in capital stored on the disgraced exchange.
Some former users are getting hit by a new phishing attack on their FTX-registered emails a week after Kroll, the claims agent in the bankruptcy proceedings, was impacted by a SIM swapping attack. The attack leaked personal information of customers, such as account balances, phone numbers and home addresses.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
Customer data of other bankrupt crypto firms Genesis and lender BlockFi were also leaked in that attack. Crypto account passwords and other sensitive data weren’t affected, but customers were warned to be on the lookout for scammers impersonating parties in the bankruptcy.
Whoever got their hands on this goldmine of information lost no time in crafting hopeful emails that purport to return the lost capital to holders – as long as they first connect a crypto wallet to the account.
“You have been identified as an eligible client to begin withdrawing digital assets from your FTX account,” an email sent to several FTX creditors, viewed by CoinDesk, read. “Withdrawals will be dispatched in USDC matched to the balance of digital assets held in your wallet at the time of platform pause.”
“You can now withdraw to an external ERC20 wallet by clicking the withdraw now button,” the phishing mail states.
Connecting a wallet to such a phishing mail is likely to drain one’s token holdings, as it may request private key data to conduct the transfer.
A friend just received a phishing email to the email associated with their FTX account. pic.twitter.com/cWy3ykN4B3
— ZachXBT (@zachxbt) August 25, 2023
SIM swapping happens when scammers contact your mobile phone's carrier and trick them into activating a SIM card that the fraudsters have. The scammers then target phone numbers and use a victim’s information to steal passwords, financial data, cryptocurrencies and other valuable items.
Meanwhile, on Saturday, FTX said it had taken a “precautionary measure of temporarily freezing affected user accounts within the customer claims portal.” The claims portal is an official platform where creditors can submit details about their accounts.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Euro Stablecoin Market Cap Doubles in Year After MiCA, Study Finds
Prior to MiCA, euro-denominated stablecoins' market cap contracted by 48% in the year leading up to June 2024.
What to know:
- Euro-stablecoin market capitalization more than doubled in the 12 months after the June 2024 rollout of relevant MiCA regulations, reversing a 48% decline from the prior year.
- EURS, EURC and EURCV saw the strongest gains.
- Monthly euro stablecoin activity jumped US$3.8 billion from US$383 millionand consumer search interest rose sharply across multiple EU countries.
Top Stories
