---
title: "Brooklyn Man Booked in $16M Crypto Phishing Scam Targeting Coinbase Users"
date: 2025-12-22
author: "Barry Elad"
featured_image: "https://sqmagazine.co.uk/wp-content/uploads/2025/12/brooklyn-man-booked-for-coinbase-crypto-phishing-scam.jpg"
categories:
  - name: "Cryptocurrency"
    url: "/crypto.md"
tags:
  - name: "News"
    url: "/tag/news.md"
---

# Brooklyn Man Booked in $16M Crypto Phishing Scam Targeting Coinbase Users

A Brooklyn resident has been indicted for allegedly orchestrating a phishing scheme that stole nearly $16 million from Coinbase users across the United States.

## Quick Summary – TLDR:

- A 23-year-old Brooklyn man allegedly posed as Coinbase support to steal cryptocurrency from around 100 users.
- The phishing scam ran from April 2023 to December 2024 and involved impersonation, laundering, and online bragging.
- Authorities recovered only a fraction of the stolen funds, with most of it funneled through mixers and gambling sites.
- Coinbase, Flashpoint, and blockchain investigator ZachXBT assisted in identifying the suspect and tracing stolen assets.

## What Happened?

**Ronald Spektor**, a 23-year-old from Sheepshead Bay, Brooklyn, has been indicted on **31 criminal counts** for allegedly running a **long-term phishing and social engineering scheme** targeting Coinbase users. Prosecutors say the scam tricked victims into transferring their cryptocurrency to wallets secretly controlled by Spektor.

The operation led to the theft of around **$16 million** from roughly **100 individuals** across multiple states.

> Crypto scams aren’t anon.  
>   
> Coinbase is committed to working with law enforcement to trace funds, support victims, and pursue accountability.  
>   
> We’re proud to have helped the Brooklyn DA bring justice in a long-running impersonation scam. And thanks [@zachxbt](https://twitter.com/zachxbt?ref_src=twsrc%5Etfw) for your contributions. [pic.twitter.com/zXRLRSFEEp](https://t.co/zXRLRSFEEp)
> 
> — Coinbase 🛡️ (@coinbase) [December 19, 2025](https://twitter.com/coinbase/status/2002086423802122377?ref_src=twsrc%5Etfw)

 ## How the Scam Worked?

According to the Brooklyn District Attorney’s Office, Spektor **impersonated [Coinbase](https://sqmagazine.co.uk/coinbase-statistics/) customer support** through phone calls, text messages, and emails that mimicked official communication. Victims were falsely told their accounts were under threat, prompting them to transfer assets into what appeared to be secure wallets. These wallets, however, were under Spektor’s control.

Once the funds were moved, Spektor allegedly **laundered them using a mix of tools**:

- Crypto mixers to obscure transaction trails.
- Token-swapping services to convert currencies.
- Online gambling platforms and storefronts to further distance funds from their origins.

Authorities say some victims lost over **$1 million** each, including residents from California and Virginia. Losses ranged widely, but each case followed the same pattern of **deception and manipulation**.

## Online Identity and Digital Trail

Spektor reportedly operated under the aliases **“Ronaldd”** and **“@lolimfeelingevil”**. He also ran a [Telegram](https://sqmagazine.co.uk/telegram-statistics/) group called **Blockchain enemies**, where he is said to have **bragged about the thefts** and **admitted to gambling away $6 million**.

Investigators linked Spektor to the crimes through a combination of:

- **Blockchain analysis**
- **Transaction records**
- **Digital forensic evidence**, including use of his home internet

They seized **$105,000 in cash** and **$400,000 in cryptocurrency**, though much of the stolen funds remain unrecovered.

## Support From Coinbase and Investigators

The case marks a significant collaboration between the **Brooklyn DA’s Virtual Currency Unit**, **Coinbase**, **Flashpoint**, and independent blockchain sleuth **ZachXBT**.

ZachXBT became involved after a victim who lost $6 million sought his help. His November 2024 investigation played a key role in identifying Spektor, and Coinbase later **thanked him publicly** for his contribution.

Coinbase CEO **Brian Armstrong** shared a stern message on X following the indictment, warning that **“scammers targeting Coinbase customers will be brought to justice.”**

**Paul Grewal**, Coinbase’s Chief Legal Officer, emphasized the company’s role:

“

We supported the investigation by helping identify the perpetrator, assisting law enforcement to trace and recover funds, and providing the evidence needed to charge him.

Paul GrewalChief Legal Officer – Coinbase





## Ongoing Case and Broader Implications

Spektor has **pleaded not guilty**, and his attorney has called the charges **“speculative.”** Prosecutors revealed he was planning to **flee the country** before being caught. His **father is now considered an active suspect** in connection with the scheme.

**This case comes amid a challenging year for Coinbase:**

- In **February 2024**, users lost over **$65 million** to social engineering scams.
- By **May**, a **data breach** impacted nearly **70,000 users**, with losses estimated between **$180 million and $400 million**.

These incidents underscore how **phishing and impersonation tactics** remain one of the most effective and damaging forms of crypto fraud. Unlike [smart contract vulnerabilities](https://sqmagazine.co.uk/smart-contract-bug-bounties-statistics/) or protocol exploits, these attacks depend solely on **deceiving users through off-platform communication**.

## SQ Magazine’s Takeaway

I think what shocks me most here is just how far these scammers will go. This wasn’t some sloppy hack or lucky guess. It was a long con, built on trust, urgency, and fear. And it worked. The fact that a single person can steal millions from regular investors by pretending to be support staff shows how fragile crypto security really is when humans are the weak link. It’s a wake-up call for the entire industry to focus not just on code, but on customer education, too.