LATE-BREAKING OVERNIGHT: Spoofed Notification Alerts foiling the heist redirect users to Credential Traps at Cryptocurrency Exchange Company and E-Wallet Giant ’Coins.PH’ [#Channel8NewsEXCLUSIVE]
(Written by Ridley Terrance Croft / Digital Tech Contributor of Nickelodeon Action News and Master Control of ONC Holdings)
PASIG, NATIONAL CAPITAL REGION – In a sleepless, cybersecurity scare over the weekend that had everyone worried, as the Philippines’ leading cryptocurrency electronic wallet fintech service ‘Coins.PH’ was hit with a coordinated phishing attack on thousands of users all across the country. The entire incident happened on Saturday night at around 9pm (March 7th, 2026 – Pasig local time) as hackers began to roll out very convincing push notifications and suspicious e-mails, all pretending to be official Coins notifications in an effort to drive users to provide their access to an account.
Some of the scammy notifications, which we independently dug up, did a rather good job of convincing users that their account was flagged by suspicious activity, and they were on a rogue site to which they were about to be redirected in case of interaction. These fake URLs were intended to secure users to provide their login information and empty their online assets, including some fairly mainstream cryptos such as XRP and Solana. Across the entire archipelago, particularly in Dumaguete City struck unexpectedly, which only goes to prove how far-reaching it was. It is nothing more than somebody stole the items while being shoplifted, once the order is placed online through cash-on-delivery.
The mechanics of the breach were terrifyingly easy: when clicking on the fake push alerts, users were redirected to a site where they would have to re-authenticate their accounts by inputting all their sensitive information. But the trouble was, if they did that, the hackers would get all the access they needed to carry out unauthorized transactions and transfer funds in any amount, excluding the smaller money figures. It’s pretty worrying stuff.
But thankfully, cybersecurity authorities like the Bangko Sentral ng Pilipinas (BSP), Securities and Exchange Commission (SEC), and Cybercrime Investigation and Coordination Center (CICC) were onto it in a jiffy, and swiftly blacklists all hackers’ wallet addresses and virtually dismantled their phishing operation. Crucially though, Coins has said that no user funds, assets or personal data were actually compromised in the overnight scam, as the hackers were only after people who interacted with the dodgy links.
By Tuesday night (March 10th), all active campaigns in push notifications have now been suspended, pending a full internal audit. They’ve also promised to beef up their digital defenses with some much needed extra security measures. A joint investigation is going to get underway early next week, and the main focus is going to be on trying to track down the people behind the attack and stopping them from happening again. In an exclusive statement to OneNETnews, Coins said that users need to be proactive about their accounts and change their passwords, turn on two-factor authentication (2FA) on their mobile device, and keep an eye on their account activity. For those who didn’t engage with the phishing attempts, they’re good to go, but still wise to turn on 2FA as a certain precaution.
Users who did view the fake alerts have now been provided with a respective tech support, where they can report any fraudulent transactions made by the online attackers. The company itself is saying that all valid user funds are safe and sound, and there are some additional monitoring systems in place to detect and close any future threats. And with this recent cybersecurity threat to the crypto space in the Philippines, it serves as a timely reminder that in the modern day of changing financial frauds, one should be more vigilant with a good financial literacy and common sense online.
SOURCES:
*https://www.facebook.com/100078245027701/posts/943693348248824
*https://www.facebook.com/100078245027701/posts/945789488039210
*https://bitpinas.com/business/coins-ph-push-notif-issue/
*https://newsbytes.ph/2026/03/11/coins-ph-users-report-phishing-alerts-firm-says-issue-resolved/
and
*https://www.coins.ph/en-ph/blog/notice-of-issue-resolution-unauthorized-notifications
STOCK PHOTO and LOGOS COURTESY for REPRESENTATION: Google Images
BACKGROUND PROVIDED BY: TEGNA
– Channel 8 News Publication Team
