Pum.fun launched its native token PUMP earlier today, and not so surprisingly, the sale ended in 12 minutes. In this duration, about $500 million worth of PUMP was picked up by retail investors at a $4 billion valuation.
However, as per BeInCrypto’s analysis, the anticipation did not fare well for the pump.fun ecosystem tokens.
Goatseus Maximus (GOAT)
GOAT price surged 23% this week, emerging as one of the better-performing pump.fun tokens. However, the anticipation surrounding the PUMP token launch led to a 9% drop in the last 24 hours.
Despite this, GOAT remains an altcoin to watch as it shows significant volatility and market interest.
Currently trading at $0.120, GOAT is holding above the critical support level of $0.117. The MACD indicates that bullish momentum is strengthening, potentially pulling the price back up.
However, if investors decide to secure profits by selling their holdings, GOAT could face downward pressure. A fall through the $0.117 support could lead the altcoin to slip to $0.102, invalidating the bullish thesis.
Peanut the Squirrel (PNUT)
PNUT price increased by 19.2% over the past week, reaching $0.264. However, like other pump.fun tokens, it experienced an 8% drop in the last 24 hours. Despite this, PNUT is still showing signs of positive momentum.
The Parabolic SAR currently indicates an uptrend for PNUT. If the altcoin can sustain above the key support level of $0.260, it could rally towards $0.300. Continued positive momentum in the broader market could further boost PNUT’s price.
If PNUT fails to maintain support at $0.260, it could face downward pressure. A drop below this level could push the price to $0.219, erasing recent gains and invalidating the bullish outlook.
Pythia (PYTHIA)
PYTHIA emerged as the only coin to note a rise in the last 24 hours, trading at $0.048 after a 42% increase. The altcoin is now facing the resistance of $0.052. This momentum could indicate further price growth, as PYTHIA continues to attract investor attention in the pump.fun ecosystem.
The Ichimoku Cloud below the candlesticks signals a bullish trend for PYTHIA. This indicates potential for further price increases, especially with the upcoming launch of the PUMP token.
Should the market conditions stay favorable, PYTHIA could breach the $0.052 resistance level and target $0.060 in the coming days.
However, if profit-taking occurs, PYTHIA may face a price decline. A fall below the $0.039 support could lead to further downward movement, potentially reaching $0.033. Should this happen, it would invalidate the current bullish outlook.
Meme coins had a good run over the last 24 hours as the broader market cues remained bullish. The total value of these joke tokens shot up by 2.5% and is currenrlly at $60.12 billion led by the small cap token Banana For Scale’s 37% rise.
BeInCrypto has analysed two other meme coins in addition to BANANAS31 for investors to watch in the coming days.
FLOKI has risen by 12% in the last 24 hours, reaching a near-monthly high of $0.00009193. The meme coin is on the verge of breaking through the major resistance level of $0.00010081. If the upward momentum continues, FLOKI could potentially see further price gains in the near future.
The Parabolic SAR, positioned below the candlesticks, is providing support for FLOKI, suggesting that an uptrend is likely to continue. This indicates that the meme coin could maintain its positive price movement, with the potential to move towards higher resistance levels.
However, if FLOKI fails to secure $0.00009006 in support, the price could experience a sharp decline. A drop below this support level would likely push FLOKI to $0.00008172, invalidating the bullish outlook. This scenario would suggest a reversal in market sentiment, leading to a potential correction.
MOG surged by 17.5% in the last 24 hours, currently trading at $0.000001135, just above the support level of $0.000001121. Securing this support is crucial to maintain the recent gains and prevent a reversal. This level will determine whether MOG can continue its upward price movement.
If MOG holds the $0.000001121 support, it could push through the $0.000001205 resistance and rise toward $0.000001374. MOG will require consistent investor support to continue posting profits. The meme coin’s ability to break through key resistance levels will depend on sustained buying pressure and market sentiment.
However, if MOG faces selling pressure, it may fail to secure the $0.000001121 support level. A decline below this level could lead to a drop to $0.000000966, reinforcing the ongoing Death Cross. This would invalidate the bullish thesis, suggesting that market sentiment has shifted toward a bearish outlook.
BANANAS31 surged by 61% during today’s intra-day rise, reaching a new all-time high (ATH) of $0.0243. This impressive rally showcases the altcoin’s strong momentum, as investor interest continues to rise. The new ATH signals a potential for further price growth, depending on market conditions.
If the bullish momentum persists, BANANAS31 could continue pushing upward, forming new ATHs in the coming days. Investors are likely to remain in profit as the altcoin maintains its upward trajectory. However, sustained growth will depend on continued investor support and favorable market conditions for the meme coin.
Should investors decide to cash out and book profits, BANANAS31 may struggle to maintain its gains. A drop below the support level of $0.0157 could lead to a decline toward $0.0120, invalidating the bullish outlook. This would signal a reversal in market sentiment, erasing recent price progress.
Virtuals Protocol (VIRTUAL) is down 15% in the last 24 hours after rallying an impressive 200% over the past 30 days. This pullback comes as the token tests a key resistance level around $1.53, while trend indicators show signs of weakening momentum.
At the same time, Smart Money wallets have increased their holdings by 14.4% in the last week and have held steady since May 2—suggesting confidence in the longer-term outlook. VIRTUAL stands at a technical and psychological crossroads. Traders are watching closely to see whether it can build toward a breakout above $2 or slide back to support at $1.19.
Smart Money Holds Steady as VIRTUAL Pulls Back 15%
The number of VIRTUAL tokens held by Smart Money wallets on Ethereum has increased by 14.4% over the past week, rising sharply from 16.49 million to 18.57 million on May 2, and remaining steady around 18.54 million since then.
Despite its recent price pullback, this growth signals that some of the most sophisticated on-chain participants have been accumulating exposure to VIRTUAL.
The sharp rise followed by stability suggests Smart Money wallets may be holding in anticipation of further upside, especially after the token posted a 209% gain in the last 30 days, making it one of the best-performing altcoins in the market.
The recent 15% dip in the last 24 hours hasn’t yet triggered widespread selling among these wallets, which may reflect patience rather than panic.
This holding pattern could signal confidence in continuing the broader uptrend or at least a strategic pause before reallocating.
While not guaranteeing future gains, steady Smart Money holdings in the face of short-term volatility are often a positive signal for longer-term momentum.
The BBTrend (Bollinger Band Trend) is a volatility-based indicator that measures the strength and direction of a trend by analyzing the expansion and contraction of Bollinger Bands.
Values above zero suggest a bullish trend, with higher readings indicating stronger momentum. Since April 24, VIRTUAL’s BBTrend has stayed in positive territory—signaling consistent bullish behavior for nearly two weeks.
The current reading of 6.76 still reflects a positive trend, but the steep drop shows that momentum is cooling off. While this doesn’t necessarily signal an imminent reversal, it suggests that the explosive pace seen in recent days is slowing.
Traders should watch whether the BBTrend continues to decline or stabilizes—either could shape whether VIRTUAL regains strength or dips further.
At a Crossroads: Will VIRTUAL Breakout Above $2 or Pull Back to $1.19?
VIRTUAL is currently trading just below a key resistance level around $1.53. If buying momentum returns—particularly with renewed interest in crypto AI agents—VIRTUAL could test $1.89 in the near term.
A successful breakout there would pave the way for a possible move above the $2 mark, a level it hasn’t reached since January 30.
Social engineering scams are on the rise, and these exploits have particularly targeted Coinbase users throughout the first quarter of 2025. According to a series of investigations by ZachXBT, users have lost over $100 million in funds since December 2024, while annual losses reached $300 million.
After sorting through the complaints made by different users, BeInCrypto spoke with Coinbase Chief Information Security Officer (CISO) Jeff Lunglhofer to understand what makes users vulnerable to these kinds of attacks, how they happen, and what’s being done to stop them.
Gauging the Seriousness of Scams Affecting Coinbase Users
Throughout the first quarter of 2025, several Coinbase users fell victim to social engineering scams. As the leading centralized exchange in a sector where hacks are becoming more sophisticated with time, this reality is no surprise.
In a recent investigation, Web3 researcher ZachXBT reported on several messages he received from different X users who had suffered major withdrawals from their Coinbase accounts.
1/ Over the past few months I imagine you have seen many Coinbase users complain on X about their accounts suddenly being restricted.
This is the result of aggressive risk models and Coinbase’s failure to stop its users losing $300M+ per year to social engineering scams. pic.twitter.com/PjtX7vmjqc
On March 28, ZachXBT revealed a significant social engineering exploit that cost one individual close to $35 million. The crypto sleuth’s further investigations during that period uncovered additional victims of the same exploit, pushing the total stolen in March alone to more than $46 million.
In a separate investigation concluded a month earlier, ZachXBT revealed that $65 million was stolen from Coinbase users between December 2024 and January 2025. He also reported that Coinbase has been quietly grappling with a social engineering scam issue costing its users $300 million a year.
While Coinbase users have been particularly vulnerable to social engineering scams, centralized exchanges, in general, have also been significantly impacted by these increasingly sophisticated attacks.
How Does The Broader Context Reflect This Situation?
Public data regarding the evolution of social engineering scams in recent years is limited and somewhat outdated. Yet, the numbers in the available reports are staggering.
In 2023, the Internet Crime Complaint Center (IC3) under the US Federal Bureau of Investigation (FBI) released its first-ever cryptocurrency report. Investment fraud constituted the largest category of cryptocurrency-related complaints, representing 46% of the nearly 69,500 complaints received, or approximately 33,000 cases.
The FBI’s IC3 reported an increase in crypto-related scams in 2023. Source: IC3.
Investment fraud, or pig butchering, involves false promises of high returns with low risk to lure investors, especially crypto newcomers driven by a fear of missing out on significant gains.
According to the IC3 report, these schemes rely on social engineering and building trust. Criminals use platforms like social media, dating apps, professional networks, or encrypted messaging to connect with their targets.
In 2023, these investment scams resulted in losses of $3.96 billion for users, representing a 53% increase from the previous year. Other social engineering scams, like phishing and spoofing, further constituted $9.6 million in losses.
Coinbase scammers tend to create fake emails that appear legitimate using cloned website images and false Case IDs. They then contact users through spoofed calls, leveraging private information to build trust before sending them these deceptive emails.
Once scammers have convinced users of the interaction’s legitimacy, they exploit the situation to persuade them to transfer funds.
The increasing sophistication of these scams illustrates both the emotional manipulation involved and the particular vulnerability of the victims. They demonstrate that centralized exchanges are often the primary platforms for these exploitations.
ZackXBT’s investigations and user reports on X reveal a gap between the extent of social engineering scams and Coinbase’s apparent management effectiveness.
Public discussions indicate that Coinbase has not flagged theft addresses in common compliance tools.
Victims of scams and users whose funds were frozen are urging Coinbase to take stronger action against this growing and costly issue. Understanding how these scams take place is essential to effectively addressing them.
How Are Coinbase Users Made Victims?
In January, a victim contacted the investigator after losing $850,000. In that instance, the scammer contacted the victim from a spoofed phone number, using personal information likely obtained from private databases to gain their trust.
5/ They then sent a spoofed email which appeared to be from Coinbase with a fake Case ID further gaining trust.
They instructed the victim to transfer funds to a Coinbase Wallet and whitelist an address while “support” verified their accounts security. pic.twitter.com/pOTQpnMfCz
The scammer convinced the victim that their account had suffered multiple unauthorized login attempts by sending them a spoofed email with a fake Case ID. The scammer then instructed the victim to safelist an address and transfer funds to another Coinbase wallet as part of a routine security procedure.
Last October, another Coinbase user lost $6.5 million after receiving a call from a spoofed number impersonating Coinbase support.
The victim was coerced into using a phishing site. Eight months earlier, another victim lost $4 million after a scammer convinced them to reset their Coinbase login.
ZachXBT raised concerns about Coinbase’s lack of reporting the theft addresses in common compliance resources and their perceived inadequate handling of the escalating social engineering issue.
In a conversation with BeInCrypto, Jeff Lunglhofer, Coinbase’s Chief Information Security Officer, shared his version of the events.
Coinbase CISO Addresses Social Engineering Scams
Despite Coinbase’s clear understanding of the widespread harm caused by social engineering scams affecting its users, Lunglhofer stressed that the broader crypto community should address this problem collectively rather than entrusting the responsibility to a single entity.
“In the context of the broader social engineering challenge that’s out there, of course, Coinbase customers are impacted. We’re keenly aware of it. We’ve been rolling [out] a number of control improvements to help protect our users, and, I think more importantly, we are working with the broader industry to bring these ideas and these control uplifts across the industry, across all crypto exchanges, across everything,” Lunglhofer told BeInCrypto.
Coinbase’s CISO referenced the exchange’s collaborative efforts with other platforms to combat this problem in his reply.
Specifically, Lunglhofer pointed to the “Tech Against Scams” initiative, a partnership with industry players like Match Group, Meta, Kraken, Ripple, and Gemini to fight online fraud and financial schemes.
Lunglhofer also added that Coinbase takes a similar approach when flagging theft addresses.
Why Coinbase Handles Theft Addresses Differently
When BeInCrypto asked Coinbase why it doesn’t publish theft addresses across popular compliance tools, Lunglhofer explained that the exchange has a different procedure for these scenarios.
“We will communicate with other exchanges directly [and] let them know the addresses that we’ve seen where assets have been withdrawn,” he said, adding that “when we see that there’s, in fact, fraudulent [activity], we will pull back all the wallets that are associated with the fraud and we’ll push those out to the other exchanges that we have communications with,” he said.
Lunglhofer also mentioned Crypto ISAC, an intelligence and information-sharing group established by Coinbase in collaboration with various other crypto exchanges and organizations to distribute information related to scams.
Coinbase’s Struggle Against the Flood of Spoofed Content
Lunglhofer admitted that the number of spoofed emails Coinbase identifies or receives in the form of reports far exceeds the exchange’s capacity to take them down.
“Regrettably, they’re a dime a dozen. I can open ten of them in five minutes. It’s super easy to do. So there’s not a lot we can do about that. But, when we identify them [or when] a customer reports them, we do have them taken down,” he said.
Coinbase uses vendors to eliminate circulating spoofs or phishing campaigns in those instances.
“We have several vendors that we use to do takedowns. So anytime we see a fraudulent phone number pop up, anytime we see a fraudulent URL [or] a fraudulent website get established, we will issue those for takedown. We’ll use our vendors to work with the DNS providers and others to bring those down as quickly as possible,” Lunglhofer told BeInCrypto.
Although these preventative measures are essential for the future, they provide minimal recourse for users who have already lost millions of dollars to scams.
Whose Responsibility Is It? User vs. Exchange
Coinbase did not respond to BeInCrypto’s inquiry about developing an insurance policy for users who lost savings to social engineering scams, leaving their approach in this area unclear.
Yet, social engineering scams are complex, relying on significant emotional manipulation to build trust. This complexity raises questions about the degree of responsibility that falls on user vulnerability versus potential shortcomings in the centralized exchange’s user protection measures.
The broader cryptocurrency community generally agrees that more educational materials are necessary to help users distinguish between legitimate communications and scam attempts.
Regarding this issue, Lunglhofer clarified that Coinbase will never call users out of the blue. He also noted that Coinbase has recently implemented different features that act as warnings for users potentially interacting with a scam.
Furthermore, the CISO cited a ‘scam quiz,’ an educational tool that appears as a real-time banner when a user is about to undertake a transaction flagged as suspicious by the exchange.
Though this feature is an advantage, its ability to protect users is hard to quantify, especially regarding how efficiently it flags suspicious activity. Coinbase did not respond when BeInCrypto asked if the exchange internally tracked data related to social engineering scams.
A similar issue arises with Coinbase’s ‘allow lists.’
The $850,000 Coinbase Loss
Coinbase offers a feature that enables users to create a safelist of approved recipient addresses to help prevent transactions to unfamiliar or unverified addresses. Lunglhofer strongly urges Coinbase users to adopt this measure.
“We offer every retail customer the ability to create ‘allow lists’ for wallets that they’re permitted to transfer assets to. On my personal account on Coinbase, I have ‘allow listing’ turned on, and I only have three wallets that are allowed,” Lunglhofer detailed.
However, the $850,000 scam loss suffered by a Coinbase user in January, as revealed by ZachXBT, shows a critical limitation of safelists.
Even after a victim adds a theft address, manipulation leading to this addition can still occur, thereby neutralizing the intended protection.
Can Coinbase Do More to Protect Users?
Sophisticated social engineering scams are a growing threat, creating significant challenges for crypto users. Coinbase users and centralized exchanges in general are particularly affected.
Despite Coinbase’s outlined efforts, the significant financial losses highlight the limitations of current industry-standard measures against determined scammers.
While cooperation is crucial across the board, Coinbase, as a leading platform, must also put more proactive efforts and resources into educating its users.
Social engineering is predominantly a user-driven issue, not a security failure for any exchange. Yet, platforms like Coinbase have the critical responsibility to lead industry-wide initiatives to address these threats.
The millions lost are a stark reminder that vigilance and collective action are paramount in safeguarding users against these increasingly refined and frequent attacks.
