In the latest wave of cybercrime, cryptocurrency users have lost more than $4 million in funds to crypto criminals. Many thefts were carried out through phishing sites advertised on Google Ads.
These fraudulent websites mimicked legitimate crypto platforms to trick unsuspecting users into entering their login credentials, private keys, or other sensitive information.
Once the criminals obtained this information, they could access the users’ cryptocurrency wallets and steal their digital assets. ScamSniffer, an anti-scam service provider for Web3, has recently reported many malicious advertisements for phishing websites on Google ads searches.
Over the previous month, scammers saw a 276% profit from their illegal activities due to the number of users impacted and the money they used to promote their fraudulent advertisements.
These bad actors have impacted several decentralized finance protocols, websites, and brands, including DefiLlama, Lido, Orbiter Finance, Radiant, Stargate, and Zapper. Scammers have targeted DeFi users who find it challenging to identify that they have clicked on malicious links due to slight changes to the official URLs.
ScamSniffer mentioned:
When you open a malicious advertisement from Zapper, you can see that it attempts to obtain authorization of my $SUDO by using a Permit signature. Currently, many wallets do not have clear risk warnings for this type of signature, and ordinary users may think it is a normal login signature and sign it without thinking twice.
Crypto Scammers Have Used Many Tactics To Conduct These Scams
ScamSniffer reports that scammers have implemented a range of tactics to evade Google’s ad review process, including manipulating the Google Click ID parameter, using anti-debugging techniques, and employing parameter distinction. These methods allow scammers to display a legitimate webpage during the ad review process conducted by Google.
ScamSniffer’s analysis of addresses associated with fraudulent websites promoted by scammers reveals that crypto users lost approximately $4.16 million in the last month, with over 3,000 individuals impacted by the scams. Additionally, anti-scam measures tracked the movement of funds on the blockchain to different exchange and mixing services, such as SimpleSwap, Tornado Cash, KuCoin, and Binance.
Scammers spent roughly $15,000 advertising their websites, getting a 40% conversion rate from 7,500 users clicking on the malicious ads. Metadata analysis of several phishing websites has connected the advertisers responsible to two major locations: Ukraine and Canada.
Rising Phishing Attacks Within The Crypto Space
Crypto criminals have previously exploited Web2 tools and services to steal funds from Web3 users. For instance, in 2020, they hacked the Twitter accounts of high-profile figures, including Elon Musk, who requested users to claim free crypto tokens via links to a malicious website.
Scammers have used phishing attacks frequently to steal cryptocurrency funds from users. DeFi, in particular, continues to be a preferred target for hackers, with more than $3.7 billion siphoned off in 2022 alone.
Featured Image From iStock, Chart From TradingView.com
Credit: Source link
Bitcoin 
Ethereum 
Tether 
BNB 
Solana 
USDC 
XRP 
Lido Staked Ether 
Toncoin 
Dogecoin 
Cardano 
Shiba Inu 
Avalanche 
TRON 
Wrapped Bitcoin 
Polkadot 
Bitcoin Cash 
Chainlink 
NEAR Protocol 
Polygon 
Litecoin 
Fetch.ai 
Uniswap 
Internet Computer 
Dai 
LEO Token 
Render 
Ethereum Classic 
Hedera 
First Digital USD 
Aptos 
Pepe 
Cosmos Hub 
Cronos 
Mantle 
Filecoin 
Wrapped eETH 
Immutable 
Stellar 
dogwifhat 
Stacks 
OKB 
Renzo Restaked ETH 
Kaspa 
Optimism 
Arbitrum 
The Graph 
Bittensor 
Arweave 
VeChain 
