ScamSniffer Detects Malicious Phishing URLs on Google Ads
Web3 anti-scam service provider ScamSniffer has recently reported a surge in malicious phishing ads on Google. These ads direct users to fraudulent websites that request wallet login signatures, ultimately compromising users' addresses.
DeFi Protocols and Brands Targeted by Scammers
Scammers have targeted various decentralized finance (DeFi) protocols, websites, and brands, such as Zapper.fi, Lido, Stargate, DefiLlama, Orbiter Finance, and Radiant. They employ subtle changes to official URLs, making it challenging for users to recognize malicious links.
Advertisers in Ukraine and Canada Linked to Phishing Websites
Metadata analysis of the phishing websites has traced back to advertisers in Ukraine and Canada. These individuals employ several techniques to evade Google's ad review process, including manipulating the Google Click ID parameter.
Scammers Bypass Google Ads' Machine Reviews
Other malicious ads use anti-debugging methods to redirect users with developer tools enabled to legitimate websites, while direct clicks lead to the malicious site. This tactic allows scammers to bypass some of Google Ads' machine reviews.
Over $4.16 Million Stolen from 3,000 Users in a Month
ScamSniffer's on-chain data analysis from addresses linked to malicious websites advertised on Google reveals that over $4.16 million has been stolen from over 3,000 users in the past month alone.
Stolen Funds Tracked to Exchange and Mixing Services
The anti-scam service traced on-chain fund flows to various exchange and mixing services, including SimpleSwap, Tornado Cash, KuCoin, and Binance.
Lucrative ROI for Scammers in Crypto-Related Phishing
According to ScamSniffer, promoting crypto-related phishing websites is lucrative, with the average cost per click for associated keywords ranging from $1 to $2. With a 40% conversion rate from 7,500 users clicking on malicious ads, scammers have spent about $15,000 on advertising, yielding a 276% return on their nefarious investments.
Kaspersky Reports 40% Increase in Crypto Phishing Attacks
Russian cybersecurity and anti-virus provider Kaspersky reported a 40% increase in crypto-related phishing attacks throughout 2022. The firm identified over 5 million phishing attacks last year.