Crypto Phishers Lift $4 Million From Unsuspecting Users' Pockets Using Google Ads


Crypto criminals have stolen over $4 million in crypto funds from users who fell victim to phishing sites promoted through Google ads, following a recent surge in crypto phishing efforts.

Metadata analysis of the phishing websites in question has linked them to advertisers in Ukraine and Canada. More than 3000 users have been targeted by these crypto phishers, a report from on-chain analytics outfit ScamSniffer said on Thursday.

1/ 🚨 A recent surge in phishing scams via Google search ads has led to users losing approximately $4 million.
ScamSniffer has investigated multiple cases where users clicked on malicious ads and were directed to fraudulent websites. #PhishingScams #GoogleAds

These scammers use various techniques, such as manipulating Google click ID parameters, which allows the attackers to show a normal webpage during Google’s standard ad review. The crypto phishers also leverage anti-debugging techniques that redirect users with developer tools open to a normal website, enabling the scammers to bypass user security and system firewalls.
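A defender can test for the click-ID cloaking described above by requesting the same landing URL with and without a gclid parameter and comparing what comes back. The following is an added example, not code from ScamSniffer or the original article; the function names, the `fetch` callable, the hostnames and the page bodies are all assumptions constructed for illustration, and the client-side anti-debugging redirect is not covered.

```python
import hashlib
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

def with_gclid(url, gclid):
    """Return url with its gclid query parameter set, or removed if gclid is None."""
    parts = urlsplit(url)
    query = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
             if k != "gclid"]
    if gclid is not None:
        query.append(("gclid", gclid))
    return urlunsplit(parts._replace(query=urlencode(query)))

def fingerprint(response):
    """Reduce a (final_url, body) response to (final host, SHA-256 of body)."""
    final_url, body = response
    return urlsplit(final_url).hostname, hashlib.sha256(body.encode()).hexdigest()

def check_cloaking(url, fetch, sample_gclid="CONSTRUCTED-CLICK-ID"):
    """Request the landing page with and without a click ID and compare results.

    fetch(url) -> (final_url, body) is supplied by the caller (assumption: it
    follows redirects). A changed final host is the strong signal; a changed
    body alone can also come from ordinary dynamic content.
    """
    plain = fingerprint(fetch(with_gclid(url, None)))
    clicked = fingerprint(fetch(with_gclid(url, sample_gclid)))
    return {"host_changed": plain[0] != clicked[0],
            "body_changed": plain[1] != clicked[1]}

# Constructed stand-in for an HTTP client so the example runs offline.
# Hostnames and page bodies are invented; one host varies on gclid, one does not.
def fake_fetch(url):
    parts = urlsplit(url)
    has_click_id = "gclid" in dict(parse_qsl(parts.query))
    if parts.hostname == "ads-landing.example" and has_click_id:
        return ("https://lookalike-app.example/connect", "<html>connect wallet</html>")
    return (urlunsplit(parts._replace(query="")), "<html>project docs</html>")

if __name__ == "__main__":
    for target in ("https://ads-landing.example/", "https://honest.example/docs"):
        print(target, check_cloaking(target, fake_fetch))
```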

ScamSniffer’s report noted that crypto phishers are able to access sensitive user information with these phishing links and use these credentials to compromise digital wallets.

Crypto Phishers Make A Killing From Scamming DeFi Users

Google keyword data showed that scammers have targeted users interested in DeFi protocols and services like DeFi Llama, Lido Finance, Orbiter Finance, Radiant, and Zapper, to name a few. These keywords topped the search list for malicious ads.

Promoting crypto-related phishing websites is lucrative, since the average cost per click for associated keywords is between $1 and $2, ScamSniffer’s report said. Crypto phishers made more than 260% in ROI while spending as much as $15,000 promoting these phishing links.

4/ 🛡️ Malicious ads employ several techniques to bypass Google's ad review process, including parameter distinction and debugging prevention.
These tactics allow them to deceive Google's ad review process and cause significant harm to users. #AdReview #Bypass

Web 2 Platforms Leveraged For Web 3 Theft

This is not the first time crypto criminals have used Web 2 tools and services to steal funds from Web 3 users. In 2020, crypto phishers hijacked the Twitter accounts of several prominent personalities including Elon Musk, the billionaire who now owns the popular bird app.

Verified accounts like Musk’s tweeted out phishing links asking users to claim free crypto tokens. Reports said that users lost unconfirmed amounts in Bitcoin (BTC).

Last month, the Twitter account of Circle CSO Dante Disparte published a phishing link with a fake USDC airdrop. The case highlighted again how cybercriminals use Web 2 platforms to perpetrate Web 3 theft.
