“Was This You?” Scam Emails Try to Trick You Into Calling Fake Support Numbers
Don’t Call That Number: The ‘Was This You?’ Email Scam Explained
tl;dr
Scam emails pretending to be security alerts from companies such as Coinbase claim that there has been a suspicious sign-in to your account. The message urges you to call a listed phone number to secure your account. However, the number connects you to scammers who will try to steal your personal details and account login credentials.
The Scam at a Glance
Criminals are sending out fake “Was this you?” emails designed to look like legitimate security notifications. The messages typically:
Pretend to come from well-known companies or platforms.
Claim that a new sign-in has been detected from an unfamiliar device or location.
Urge you to call a phone number immediately if you did not authorise the activity.
Include reassuring language such as “We will never call you unexpectedly” to appear authentic.
The example included below falsely claims to be from cryptocurrency exchange Coinbase. Alternative versions target users of other well-known companies, such as PayPal, eBay, Microsoft, or banking institutions.
What Happens if You Call the Number
If you phone the listed number, you won’t reach Coinbase or any other legitimate company. Instead, you’ll be connected to professional scammers who will:
Pose as security or account specialists and sound convincing.
Claim that your account is under threat or temporarily locked.
Ask for your login credentials, two-factor authentication codes, or seed phrases.
Sometimes direct you to install remote-access software so they can “help secure” your device.
Ultimately, drain your accounts or steal your identity.
Why the Scam Works
This type of scam is effective because many real companies do send legitimate sign-in alerts when they detect logins from new devices or IP addresses. Scammers exploit that familiarity and the sense of urgency it creates to manipulate people into reacting quickly before they think.
Other tricks that make these messages convincing include:
Use of real company names and logos.
Spoofed sender addresses that look genuine at a glance.
Carefully worded content that mimics the tone and format of genuine security emails.
How to Protect Yourself
Follow these steps to stay safe from “Was this you?” scams:
Never call a phone number or click a link in a suspicious email.
If you’re concerned about account activity, go directly to the company’s official website and log in from there.
Check the sender address carefully, as scam emails usually come from unrelated domains.
Use two-factor authentication (2FA) on all financial and crypto accounts.
Report phishing or scam emails to the company being impersonated.
Block and delete the message once identified as fraudulent.
Genuine Security Alerts Look Different
Legitimate companies will never:
Ask you to call a phone number to verify activity.
Request your passwords, recovery phrases, or security codes over the phone.
Ask you to install remote-access tools or software.
Real alerts will simply direct you to sign in securely through the company’s own website or app.
Key Takeaway
If an email claims there’s been a suspicious sign-in and urges you to call a number, don’t do it! It’s almost certainly a scam designed to harvest your sensitive information.
Stay calm, ignore the message, and verify directly through your official account login page.
A screenshot of the scam email:
