Skip to contentSkip to site index
Coinbase Logo
Sign in
Sign up

Consumer Protection Tuesday: What to Do If Your Google Account is Compromised

By 5min read
Consumer Protection Tuesday

Adapted from educational content originally created by zeroShadow, used with permission.

Key Takeaways for Coinbase Users

✅ Your email is your crypto's first line of defense—secure it like you secure your wallet

✅ Never share 2FA codes with anyone—not via phone, email, or text. Google and Coinbase will never ask for them

✅ Use unique passwords for your email and Coinbase accounts. Consider a password manager

✅ Enable hardware security keys on both Google and Coinbase for maximum protection

✅ Stay vigilant: Review your account activity regularly and report suspicious behavior immediately

Why This Matters 

Your Google account is often the gateway to your Coinbase account—whether you use it for login authentication, two-factor verification, or as your primary email for account recovery. If a threat actor gains access to your Google account, they may attempt to:

  • Reset your Coinbase password

  • Intercept 2FA codes sent to your email

  • Access recovery information for your Coinbase account

  • Bypass security measures and gain unauthorized access to your crypto assets

Taking immediate action to secure your Google account is critical to protecting your Coinbase holdings.

Immediate Action Steps

1. Change Your Google Account Password Immediately

  • Navigate to myaccount.google.com/security

  • Select Password under "How you sign in to Google"

  • Create a strong, unique password (minimum 12 characters with uppercase, lowercase, numbers, and symbols)

  • Never reuse this password on any other site, including Coinbase

⚠️ Pro Tip: If you can't log in, use Google's Account Recovery to regain access.

2. Sign Out of All Devices

3. Check for Email Forwarding and Client Connections

This is critical for Coinbase security: Attackers often set up email forwarding rules to intercept password resets and 2FA codes.

  • In Gmail, go to Settings → See all settings → Forwarding and POP/IMAP

  • Check Forwarding for any unauthorized email addresses and delete them

  • Under POP Download, select Disable POP

  • Review Filters and Blocked Addresses for suspicious auto-forwarding rules

Why this matters: If an attacker forwards your emails, they can intercept Coinbase security notifications and password reset links.

4. Revoke Third-Party App Access

5. Reset Your Two-Factor Authentication (2FA)

Since an attacker may have compromised your authenticator:

a) Temporarily disable 2FA:

b) Re-enable 2FA with fresh credentials:

  • Set up a new 2FA method—do NOT reuse previous QR codes

  • Recommended options:

    • Google Authenticator (fresh setup)

    • Hardware security key (YubiKey)

    • Google Prompt on a secure device

🔒 Coinbase Recommendation: Use a hardware security key for both your Google and Coinbase accounts for maximum protection.

6. Update Account Recovery Options

7. Secure Accounts Linked via Google Sign-In

If you use "Sign in with Google" for Coinbase or other services:

  • Visit myaccount.google.com/permissions

  • Revoke access and reset passwords on linked accounts

  • For Coinbase specifically: Log in directly and change your password, even if you use Google sign-in

8. Review Your Coinbase Account Security

After securing your Google account, immediately check your Coinbase account:

  • Change your Coinbase password

  • Review recent activity and transactions

  • Verify all 2FA methods are still under your control

  • Check withdrawal addresses for any unauthorized additions

  • Review API keys and revoke any you don't recognize

  • Enable address whitelisting if not already active

🔗 Visit: Coinbase Security Center for additional protection options.

9. Enable Enhanced Google Security Features

10. Report the Incident

For additional security resources, visit the Coinbase Security Hub or contact Coinbase Support.

Recent stories

Disclaimers: Derivatives trading through the Coinbase Advanced platform is offered to eligible EEA customers by Coinbase Financial Services Europe Ltd. (CySEC License 374/19). In order to access derivatives, customers will need to pass through our standard assessment checks to determine their eligibility and suitability for this product.