A Chainlink (LINK) crypto investor has recently suffered a catastrophic loss due to a sophisticated phishing attack. The victim, who had been trading and accumulating LINK tokens, was duped into approving a fraudulent transaction, resulting in the loss of roughly $4.66 million.
The Chainlink Investor Phishing Attack: A Detailed Breakdown
The investor, over a period starting from June 7, 2022, to October 14, 2023, had built up a portfolio of 290,750 LINK tokens valued at $2.26 million. Interestingly, the savvy trading strategies allowed the investor to profit nearly $2.4 million.
However, this financial success turned sour when the investor clicked on a phishing link, unwittingly authorizing a malicious transaction.
According to analytics firm Lookonchain’s report, the victim’s error in clicking the phishing link led to them being tricked into signing a transaction that approved the transfer of their assets. The consequence was a devastating total loss of $4.66 million, combining the initial investment and the accrued profits.
What an unlucky guy!
He got 275,700 $LINK($4.42M) stolen by a phishing attack.
This guy accumulated 290,750 $LINK($2.26M) at $7.8 from exchanges between Jun 7, 2022, and Oct 14, 2023, a profit of nearly ~$2.4M currently.
Unfortunately, he accidentally clicked on the phishing… pic.twitter.com/2FqM72T3f7
— Lookonchain (@lookonchain) December 29, 2023
Phishing Scams: A Rising Threat In Crypto?
Meanwhile, data from Chainalysis reveals a concerning trend in the crypto sector. Since May 2021, approval phishing scams have resulted in losses totaling approximately $1.0 billion, with 2022 witnessing victims losing an estimated $516.8 million, while 2023 saw $374.6 million lost to this scam through November.
Notably, these figures underscore the escalating threat posed by such scams, which differ from traditional crypto scams. According to Chainalysis, approval phishing is when scammers deceive users into authorizing blockchain transactions that grant the scammer access to spend specific tokens from the victim’s wallet, enabling them to drain these assets at will.
While phishing scams have risen in the crypto industry, firms and countries have tried to reduce the occurrence and curb this scam. For instance, in October, the Hong Kong Police Force, recognizing this threat, intensified its efforts to combat this fraudulent scheme.
A notable incident involved 11 Binance customers who became victims of sophisticated text message phishing scams. The CyberDefender unit of the Cyber Security and Technology Crime Bureau, a segment of the Hong Kong police force dedicated to online security education, reported this concerning event.
These scammers, masquerading as Binance, sent deceptive text messages to users that appeared to be authentic. The messages urged customers to click a link to confirm their identity details before a certain deadline to avoid account deactivation.
Unbeknownst to the users who followed these instructions, they inadvertently granted the hackers access to their Binance accounts, leading to the theft of all assets within those wallets.
To further safeguard investors and combat the phishing epidemic, the Hong Kong police also publicized a list of verified trading platforms. These platforms have been verified by the Hong Kong Securities and Future Commission (SFC), ensuring a higher level of security and legitimacy for users.
Featured image from iStock, Chart from Tradingview