In a stunning turn of events, scammers managed to pilfer a staggering $3 million worth of cryptocurrencies in a 24-hour spree by leveraging Google Ads to lure unsuspecting victims into malicious fake websites. These websites deployed wallet-draining software, targeting crypto enthusiasts during the holiday season.
According to Scam Sniffer, a leading security firm, the attackers employed Google Ads to dupe crypto users into accessing counterfeit versions of popular Web3 platforms, including Zapper, Lido, Stargate, DefiLlama, Orbiter Finance, and Radient.
The malevolent actors didn’t limit their onslaught to just one day. Scam Sniffer flagged a series of fresh incidents involving phishing sites associated with the same culprits in their scam database on December 25th.
In total, an estimated $3 million was siphoned off in separate incidents, as evidenced by screenshots shared by the company, showcasing the theft of a mix of WBTC, aPolUSDT, aUSDC, and USDT.
Google Ads alerted, but no response
Surprisingly, Scam Sniffer revealed that they had alerted Google Ads about the ongoing promotion of these counterfeit sites and the use of wallet-draining software back in April 2023.
However, despite their efforts to raise awareness, the security firm has yet to receive a response from the platform. This lack of action has drawn attention to the persistent challenges faced by the cryptocurrency community in combating scams and fraudulent activities.
These recent phishing thefts serve as a stark reminder for cryptocurrency users to exercise extreme caution and vigilance when interacting with Web3 platforms and authorizing transactions through their wallets.
With phishing scams now ranking as the top threat to users, it becomes paramount for individuals to meticulously verify each signature request they encounter.
A spokesperson for Scam Sniffer emphasized,
“To avoid falling victim to these scams, users must exercise diligence and scrutinize every signature request with care.”
Massive scale of the scammers uncovered
Scam Sniffer’s recent report on wallet draining unveiled a shocking revelation – they identified a whopping 10,072 fake websites employing the notorious MS Drainer throughout 2023.
This malicious software has been instrumental in pilfering a jaw-dropping $58.98 million worth of cryptocurrencies from over 63,000 victims. These disconcerting statistics were corroborated by a Dune Analytics dashboard established to track the activities of MS Drainer.
This alarming scale of cryptocurrency theft underscores the need for the crypto community to remain vigilant and informed about emerging threats and scams.
Staying secure in the crypto landscape
As the cryptocurrency market continues to evolve and gain mainstream attention, it is imperative for both newcomers and seasoned investors to prioritize security. Here are some key steps to enhance security in the crypto landscape:
Thoroughly verify websites and transactions
Cryptocurrency users should double-check the authenticity of websites they visit and transactions they authorize. Scrutinizing signature requests and ensuring they match the expected action is essential in preventing fraudulent transfers.
Use reputable wallets
Selecting trusted and well-established cryptocurrency wallets is crucial. Avoid using unknown or unverified wallets, as they may expose users to potential risks.
Stay informed
Remaining informed about the latest scams, phishing attempts, and security threats in the cryptocurrency space is vital. Regularly check for updates from trusted sources within the crypto community.
Report suspicious activity
If users come across suspicious websites, transactions, or activities, they should promptly report them to relevant authorities or security firms. Timely reporting can help prevent further losses and apprehend scammers.