In the latest wave of cybercrime, cryptocurrency users have lost more than $4 million in funds to crypto criminals. Many thefts were carried out through phishing sites advertised on Google Ads.
These fraudulent websites mimicked legitimate crypto platforms to trick unsuspecting users into entering their login credentials, private keys, or other sensitive information.
Once the criminals obtained this information, they could access the users’ cryptocurrency wallets and steal their digital assets. ScamSniffer, an anti-scam service provider for Web3, has recently reported many malicious advertisements for phishing websites on Google ads searches.
Over the previous month, scammers saw a 276% profit from their illegal activities due to the number of users impacted and the money they used to promote their fraudulent advertisements.
These bad actors have impacted several decentralized finance protocols, websites, and brands, including DefiLlama, Lido, Orbiter Finance, Radiant, Stargate, and Zapper. Scammers have targeted DeFi users who find it challenging to identify that they have clicked on malicious links due to slight changes to the official URLs.
When you open a malicious advertisement from Zapper, you can see that it attempts to obtain authorization of my $SUDO by using a Permit signature. Currently, many wallets do not have clear risk warnings for this type of signature, and ordinary users may think it is a normal login signature and sign it without thinking twice.
Crypto Scammers Have Used Many Tactics To Conduct These Scams
ScamSniffer reports that scammers have implemented a range of tactics to evade Google’s ad review process, including manipulating the Google Click ID parameter, using anti-debugging techniques, and employing parameter distinction. These methods allow scammers to display a legitimate webpage during the ad review process conducted by Google.
ScamSniffer’s analysis of addresses associated with fraudulent websites promoted by scammers reveals that crypto users lost approximately $4.16 million in the last month, with over 3,000 individuals impacted by the scams. Additionally, anti-scam measures tracked the movement of funds on the blockchain to different exchange and mixing services, such as SimpleSwap, Tornado Cash, KuCoin, and Binance.
Scammers spent roughly $15,000 advertising their websites, getting a 40% conversion rate from 7,500 users clicking on the malicious ads. Metadata analysis of several phishing websites has connected the advertisers responsible to two major locations: Ukraine and Canada.
Rising Phishing Attacks Within The Crypto Space
Crypto criminals have previously exploited Web2 tools and services to steal funds from Web3 users. For instance, in 2020, they hacked the Twitter accounts of high-profile figures, including Elon Musk, who requested users to claim free crypto tokens via links to a malicious website.
Scammers have used phishing attacks frequently to steal cryptocurrency funds from users. DeFi, in particular, continues to be a preferred target for hackers, with more than $3.7 billion siphoned off in 2022 alone.
Featured Image From iStock, Chart From TradingView.com