Beware of possible Kraken scam / breach

edit: Kraken replied by now and confirmed this email is not phishing, just fishy.

u/krakensupport

Beware of a possible Kraken scam / breach

This is an email I just got:

https://preview.redd.it/r0jdsb6788gc1.png?width=1266&format=png&auto=webp&s=a95d23b38bd0353fe16944d34e283c1502e03783

I can't find this “Unified Deposit Methods” options on their website or anywhere else.

The email was sent from a new email, “[support@email.kraken.com](mailto:support@email.kraken.com)” instead of the usual “[no-reply@email.kraken.com](mailto:no-reply@email.kraken.com)”.

The email redirects to a “https://link.kraken.com/”, a subdomain I haven't seen before.

I fear there is a chance of a breach and someone got control over their subdomains. Don't click the links before Kraken responds to this.

I contacted support, which is busy and I'm still waiting for a human response. – this also never happened before to me. Until now, only the bot replied to me with:

It seems like the email might be a scam. Real Kraken emails come from domains like marketing.kraken.com, email.kraken.com, or rewards-email.kraken.com.

Be mindful of similar looking characters or misplaced periods in the email address.

Never click on any suspicious links within such emails.

I'm absolutely not sure what to think of this. Maybe someone at Kraken can comment on it? u/krakensupport

reddit image

25 thoughts on “Beware of possible Kraken scam / breach”

  1. Hello Maxx3141. It looks like you might have found a new scam? If so, please report this scam by crossposting to r/CryptoScams, r/CryptoScamReport, or visiting scam-alert.io. For tips on how to avoid scams, click here.


    I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.

  2. This is a friendly reminder that Kraken Support will never DM you first, ask for your username or password, or ask you to transfer funds. Kraken has its own subreddits, r/KrakenSupport and r/Kraken, and their Support Center.

    Ping for verified users associated with Kraken: /u/krakensupport /u/krakenexchange

    I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.

  3. Hello u/Maxx3141 👋

    The email you received is indeed legitimate, and we appreciate your vigilance in verifying its authenticity.

    We apologize for any confusion caused by the subdomains used in the email. The email you received regarding Simplifying Ethereum Ecosystem-based deposits can be found here in our support article.

    Additionally, for further verification, you can refer to our support article regarding the valid email addresses we use for communication.

    If you have any further concerns, please don’t hesitate to reach out to us directly.

    Athena from Kraken Support 🐙

  4. Gave me heart attack. I logged in and everything lol but when it asked for my 2FA to log in I knew its legit. I wonder if fake website would have asked for 2FA, dont see how they would be able to connect that

  5. I enjoy the current vigilance among users. Each bear seems to educate a new wave of investors.

  6. Everyone is actually on high alert, the crypto scams have been getting bolder

  7. Is this only a thing If you want to receive crypto from external wallets?

    If so I just buy and hold anyway, lol.

  8. When clicking on the link in the email and logging in I am just sent to the kraken withdraw page, nothing gets actually updated. Is this a very sofisticate scam or how is this supposed to behave?

  9. How would new fees work? It just says “variable fees” for depositing, but I thought we normally don’t get charged just for deposits?

  10. i guess it’s same like the third party mailer got hacked not from the exchange

  11. Dude, I stop reading the moment you said kraken lost control of their domains 😅

  12. Subdomains are subdomains.

    A different person can’t own it.

    Domains can be faked, so don’t always trust it, but on the surface, that would be a valid domain of theirs.

  13. It being a subdomain of a domain kraken actually owns makes this highly unlikely being a scam. Also unless kraken’s infrastructure and security is shit they could fix this in minutes.

    Still good you checked but 99% of the time the URL is a good way to verify an email is legit.

  14. Why did I read this a beware of potential Karen scam. Here I was wondering what the of Karens were up to now.

  15. I get that the mail triggers some scam/phising alarms.
    But I don’t get, how people don’t understand the content?

    “Hey, we change deposit methode for ETH based tokens.

    Your old deposit adesses will become invalid on date X.
    Please use your new deposit address.”

    Just log in to your account from the main site.
    Check your deposit addresses and generate new ones if necessary.

Comments are closed.