Free Airdrop Season 7 is LIVE! Answer fun questions or do simple tasks to earn rewards from the $30K BitDegree prize pool. Participate Now ! 🔥
Free Airdrop Season 7 is LIVE! Answer fun questions or do simple tasks to earn rewards from the $30K BitDegree prize pool. Participate Now ! 🔥
An alarming $4 million has been swiped from users who fell prey to crafty crypto phishing scams promoted through Google Ads.
Recently, ScamSniffer, a Web3 anti-scam service provider, has been noticing a surge in malicious phishing ads popping up on Google searches.
According to ScamSniffer, these ads trick users into clicking on deceptive URLs directing them to fraudulent websites asking for wallet login signatures, thus compromising their addresses.
Did you know?
Subscribe - We publish new crypto explainer videos every week!
What is Polygon in Crypto? (Animated Explainer)
The devious scammers have set their sights on multiple DeFi protocols, websites, and brands, such as Zapper.fi, Lido, Stargate, Defillama, Orbiter Finance, and Radiant.
By making small alterations to the official URLs, the attackers make it extremely difficult for users to recognize the malicious links they've clicked.
ScamSniffer's on-chain data analysis reveals that, in the past month, these fraudulent websites have defrauded over 3,000 users out of a staggering $4.16 million. The anti-scam service has traced the flow of stolen funds to various exchange and mixing services like SimpleSwap, Tornado Cash, KuCoin, and Binance.
Advertising analysis platforms show that promoting these crypto-related phishing sites is a lucrative venture.
The average cost per click for associated keywords ranges from $1 to $2. Assuming a 40% conversion rate from 7,500 users clicking on the malicious ads, the scammers have invested around $15,000 in advertising. Yet, they've managed to rake in a jaw-dropping 276% return on their investments.
Digging deeper into the metadata of these phishing websites, ScamSniffer has discovered links to advertisers based in Ukraine and Canada. These malicious actors employ various techniques to sidestep Google's ad review process, like manipulating the Google Click ID parameter to display a legitimate webpage during the review.
Additionally, some fake ads utilize anti-debugging methods to redirect users with developer tools enabled to a legitimate website. In contrast, a direct click lands users on the malicious site, allowing scammers to evade some of Google ads' machine reviews.
Cybercriminals are getting smarter, and their phishing tactics are evolving. It's crucial to stay vigilant and verify the legitimacy of websites before clicking on ads or entering sensitive information.
To ensure the highest level of accuracy & most up-to-date information, BitDegree.org is regularly audited & fact-checked by following strict editorial guidelines & review methodology.
Carefully selected industry experts contribute their real-life experience & expertise to BitDegree's content. Our extensive Web3 Expert Network is compiled of professionals from leading companies, research organizations and academia.