Canadian Scammer Posing as Support Agent Steals Over $2M in Crypto

Source: Cryptonews Original Title: Canadian scammer posing as Coinbase support steals over $2M in crypto Original Link: https://crypto.news/canadian-scammer-posing-as-coinbase-support-steals-over-2m-in-crypto/ A Canadian scammer masquerading as a support executive from a major crypto exchange has stolen over $2 million in crypto from unsuspecting users.

Investigation Details

An investigation led by independent on-chain sleuth ZachXBT uncovered a sophisticated social engineering scheme where the fraudster convinced users that he was a legitimate support agent from the platform.

ZachXBT was able to identify the perpetrator by cross-referencing Telegram group chat screenshots, social media posts, and wallet transactions. He found that the individual, dubbed “Haby (Havard),” had raked in over $2 million over the past year and spent it on rare social media usernames, bottle service, and gambling.

How the Scam Worked

Social engineering, often referred to as human hacking, involves using manipulation tactics to exploit human psychology and extract sensitive information or influence someone to make unauthorized transactions that benefit the attacker.

The investigator shared a leaked video in which the scammer can be seen pretending to be a support agent to deceive a user. During the call, he leaked an email address and his Telegram handle, which helped link the identity across multiple platforms.

According to ZachXBT, Haby continually purchased expensive Telegram usernames and deleted old accounts to keep his trail hidden. However, the bad actor made the mistake of posting openly on social media, flaunting his luxury lifestyle funded by the stolen crypto. These public displays ultimately allowed the investigator to piece together the scammer’s identity and reportedly pinpoint his location in Abbotsford, British Columbia.

Why Major Exchanges Are Targeted

Due to high profile and large user bases, major crypto exchanges are frequently targeted not just by social engineering scams but also through a wide range of attack vectors, ranging from phishing emails to impersonation attempts.

In most cases, the stolen funds are quickly laundered or moved through privacy coins, making recovery nearly impossible due to the irreversible nature of blockchain transactions unless law enforcement intervenes in time.

Earlier this year, ZachXBT uncovered that social engineering scams resulted in at least $65 million stolen from users of a major exchange between December 2024 and January 2025. Similarly, the investigator exposed a New York-based scammer going by the alias “Daytwo” who had stolen over $4 million from users, including a $240,000 theft from a senior citizen. The stolen funds were often diverted to online gambling sites and converted into privacy coins.

Other leading crypto exchanges have also been hit by similar attacks in the past.

Protection Tips

To stay safe, remember that actual support representatives will never ask for seed phrases, login credentials, or redirect conversations to third-party services like WhatsApp or Telegram.