Update: Coins.ph Users Report Suspicious In-App Push Notifs Leading to Phishing Sites; Exchange Confirms Extent of Breach

ByBitPinas
Photo for the Article - Update: Coins.ph Users Report Suspicious In-App Push Notifs Leading to Phishing Sites; Exchange Confirms Extent of Breach

Update on March 16, 2026: Coins.ph confirmed that it has already took down the website where the phishing links direct to and have blacklisted the wallet address of the attacker.

We have resolved the recent incident involving unauthorized email and push notifications containing phishing links.

Our teams immediately contained the issue, took down the fraudulent website, and blacklisted the attacker’s wallet addresses. The incident was limited to our messaging provider and did not affect user accounts, funds, or sensitive personal data.

Coins.ph remains committed to strengthening our security measures to better protect our community.

Photo for the Article - Update: Coins.ph Users Report Suspicious In-App Push Notifs Leading to Phishing Sites; Exchange Confirms Extent of Breach

Update on March 14, 2026: “Editor’s Note: A previous update on March 13 used the word ‘Names’ instead of ‘Email addresses.’ This has been corrected.”

Update on March 13, 2026: Coins.ph Says Email Addresses, Numbers, and Gender Possibly Exposed in Recent Third-Party Breach

Users’ email addresses, mobile phone numbers, and gender may have been exposed following the recent phishing incident involving push notifications, Coins.ph confirmed in a formal update to its customers. The exchange stated that current findings indicate an attacker may have obtained this contact information through a compromised third-party messaging service.

While contact details were potentially accessed, Coins.ph emphasized that the affected messaging provider does not store or have access to critical user data. The company assured users that passwords, government identification numbers, sensitive personal and financial information, as well as wallet balances and funds, remain fully secured within the exchange’s core systems.

Original article follows:

Users of the locally licensed crypto exchange Coins.ph are reporting receiving unauthorized push notifications from the exchange’s mobile app that redirect them to a malicious website.

The Phishing Vector: In-App Notifications

Photo for the Article - Update: Coins.ph Users Report Suspicious In-App Push Notifs Leading to Phishing Sites; Exchange Confirms Extent of Breach

Multiple users on social media platform X and the exchange’s official Telegram group have documented receiving alerts titled “Coins.ph Security Alert” or “Urgent Identity Verification” through the app’s native notification system.

Screenshots shared by users, including X user @0xdabid, show a push notification titled “Coins.ph Security Alert” or “Urgent Identity Verification,” which warns them that their accounts are at risk of suspension due to unusual activity or new Anti-Money Laundering (AML) regulations.

Photo for the Article - Update: Coins.ph Users Report Suspicious In-App Push Notifs Leading to Phishing Sites; Exchange Confirms Extent of Breach

Upon clicking the notification, users reported being routed to a malicious website that mimics the Coins.ph interface. The site prompts users to “Verify Now” and subsequently asks them to connect a web3 wallet such as MetaMask, Rabby, or Coinbase Wallet, or manually transfer funds to a “secure” address.

Another user, @2fast2fausty, detailed the sequence: “Sent a Push notif asking me to verify my account. Led me to a browser page, asking me to link a Crypto wallet”.

Confusion on Communication Channels

Photo for the Article - Update: Coins.ph Users Report Suspicious In-App Push Notifs Leading to Phishing Sites; Exchange Confirms Extent of Breach

The incident has caused confusion within the community, because ther users received the alert via notification from Coins.ph mobile app.

In the official Coins.ph Filipino Telegram group, user “1terabyt3” noted, “Wla email sakin notif lang sa app” (I received no email, just a notification on the app).

Coins.ph Response

Photo for the Article - Update: Coins.ph Users Report Suspicious In-App Push Notifs Leading to Phishing Sites; Exchange Confirms Extent of Breach
Telegram Link

Coins.ph has acknowledged the reports and issued a security advisory.

In a message on their Telegram channel, the exchange stated: “We are aware of phishing emails currently circulating that appear to be from Coins.ph. Please do not click any links… Our team is actively investigating this matter”.

However, as reports of the push notification vector grew, Coins.ph community managers provided further clarification:

“Please don’t click on any links for now. We are further investigating the issue internally right now. Sorry about this,” wrote Cici Han, a member of the Coins.ph team, addressing users in the group chat.

Photo for the Article - Update: Coins.ph Users Report Suspicious In-App Push Notifs Leading to Phishing Sites; Exchange Confirms Extent of Breach
Telegram Link

User Advisory

Community members are advising all users to exercise extreme caution:

  • Do not click on any push notifications or links demanding urgent verification.
  • Do not connect any external Web3 wallets (MetaMask, etc.) to websites claiming to be Coins.ph.
  • Verify status by opening the app directly (without clicking the notification) or checking official social media channels.
Listen to our latest episode

This is a developing story: Breaking: Coins.ph Users Report Suspicious In-App Push Notifications Leading to Phishing Sites; Exchange Investigating

What else is happening in Crypto Philippines and beyond?

    BitPinas is a news website that portrays the most accurate coverage and representation of crypto, blockchain, play-to-earn, and NFT news and updates in the Philippines since 2017.

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.