Cryptocurrency users lost over $4 million to phishing scams promoted through Google Ads, targeting DeFi platforms and brands.
In recent times, ScamSniffer, a Web3 anti-scam service, has reported an alarming rise in malicious phishing websites targeting cryptocurrency enthusiasts through Google Ads. These deceptive campaigns have led to losses of over $4 million for unsuspecting users. The attackers have primarily focused on decentralized finance (DeFi) platforms and brands such as Zapper.fi, Lido, Stargate, DefiLlama, Orbiter Finance, and Radiant.
Crafty scammers create URLs that closely mimic the legitimate websites of the targeted brands, making it challenging for users to distinguish between authentic and malicious links. Upon clicking on the fraudulent links, users are prompted to provide wallet login signatures, which ultimately compromise their addresses. Check this thread for more:
Google Ads Data & Blockchain Analytics Reveal Scammers’ Strategies
A combination of Google Ads data and blockchain analytics has revealed that malicious phishing websites have successfully stolen over $4 million from users. Metadata analysis from several of these phishing websites has traced the source of the fraudulent campaigns back to advertisers in Ukraine and Canada.
To circumvent Google’s ad review process, these scammers have devised a variety of tactics. One such method involves tampering with the Google Click ID parameter, which allows the perpetrators to display a benign webpage during the ad review process. Other malicious ads exploit anti-debugging techniques, redirecting users with developer tools enabled to authentic websites while leading those who click directly to the malicious sites. This strategy helps scammers bypass some of Google Ads’ machine reviews.
On-Chain Data Analysis Exposes Stolen Funds’ Path
The ScamSniffer database has identified that malicious websites advertised on Google have stolen $4.16 million from over 3,000 users within the past month alone. The anti-scam organization followed the on-chain flow of stolen funds to various exchanges and mixing services, such as SimpleSwap, Tornado Cash, KuCoin, and Binance.
Utilizing advertising analysis platforms, ScamSniffer has uncovered that the promotion of crypto-related phishing websites is a lucrative business. Moreover, the average cost per click for associated keywords falls between $1 and $2. With an estimated conversion rate of 40% from 7,500 users interacting with malicious ads, scammers have invested nearly $15,000 in advertising. This malicious investment has generated a remarkable 276% return, considering the $4 million siphoned off so far.
Kaspersky, a leading Russian cybersecurity and anti-virus company, has reported a 40% increase in crypto-related phishing attacks in 2022 compared to the previous year. The firm detected over 5 million phishing attacks last year alone. The recent exploitation of Google Ads by cybercriminals underscores the urgent need for heightened vigilance and enhanced security measures to safeguard users from the ever-evolving threat of phishing scams in the cryptocurrency sphere.