Christian 'Daytwo' Nieves, a New York-based scammer, orchestrated a social engineering scheme impersonating Coinbase Support to defraud users of over $4 million. Using a call center operation, Nieves convinced victims to install and set up Coinbase wallets whose private keys were compromised, enabling unauthorized transfers of funds.
Industry investigator ZachXBT tracked this operation over several months, revealing that at least 30 Coinbase users were successfully targeted, including a $240,000 theft from an elderly victim in 2024. In total, similar impersonation scams had stolen approximately $150 million by early 2025.
Most of the stolen funds were rapidly lost by Nieves due to a gambling addiction, including bets at online casinos such as Roobet where assets were partially converted to Monero (XMR). Luxury goods and lifestyle expenses further depleted the ill-gotten gains.
ZachXBT underscored the amateurish and blatant nature of the scammer, who taunted investigators and openly discussed money laundering activities on videos and Discord calls. Despite the egregious fraud, law enforcement interventions could lead to cases against Nieves, but victim fund recovery remains unlikely due to the rapid spending and gambling losses.
This case highlights the growing epidemic of Coinbase impersonation scams fueled by leaked user data and social engineering attacks, stressing the need for heightened vigilance among crypto users to prevent further victimization in the ongoing 'crypto crime supercycle.'