A cunning New York scammer, Christian Nieves, known as Daytwo or PawsOnHips, swindled over $4 million from Coinbase users by posing as a customer support representative. Operating a small call center, he tricked victims into creating wallets on fake websites that were laced with malicious code, draining their cryptocurrency.
A Scammer in Sheep’s Clothing
Nieves ran a slick operation, using a small call center to impersonate Coinbase support. He contacted users, claiming their accounts were at risk, and directed them to phishing sites mimicking Coinbase’s platform. These sites embedded malicious seed phrases, giving Nieves control over victims’ wallets via which he stole over $4 million.
Nieves reportedly funneled the bulk of the stolen loot into the crypto gambling platform Roobet, using the username “pawsonline.” Blockchain investigator ZachXBT linked his Roobet account to over 30 thefts, revealing Nieves placed large bets during Discord calls with friends. His reckless gambling drained most of the funds, with significant losses recorded on the platform.
Additionally, Nieves splurged on luxury goods, openly flaunting his purchases on social media. These included high-end designer items and watches, showcasing a flashy lifestyle funded by the scam. Some of the stolen cryptocurrency was also converted into Monero, a privacy coin, likely to facilitate the laundering of the proceeds.
His accomplice also defrauded an elderly victim of $240,000. As of press time, reports suggest that Nieves has not been apprehended, despite ZachXBT’s investigation exposing his actions. However, no official arrest has been reported. Authorities are likely pursuing leads, but Nieves remains at large, raising concerns about ongoing scams.
Coinbase Responds to Fraud
Coinbase has faced scrutiny over its security practices following Nieves’ scam. The company issued warnings about impersonation scams, advising users to verify communications and refrain from sharing sensitive information. Coinbase is cooperating with law enforcement to trace stolen funds and prevent future breaches, though no specific reimbursement plans for victims were detailed.
Similar frauds have surged recently. For example, in April 2025, a promotion by Coinbase’s Layer 2 network, Base, led traders to pour millions into a memecoin, only to face devastating losses when it crashed in less than 24 hours. Also, in March 2025, ZachXBT reported $46 million in losses from social engineering scams targeting Coinbase users. These cases highlight the growing threat of impersonation in crypto, exploiting trust in major platforms.
