Report: Phishing Scams Detected as Advertisements on Ethereum Block Explorer Etherscan
Phishing attacks are emerging on the Ethereum (ETH) block explorer Etherscan, as reported by cybersecurity company Scam Sniffer. The firm suggests that Etherscan’s integration of advertisements from crypto and web3 ad networks Coinzilla and Persona may have insufficient filtering, leaving users vulnerable to phishing attempts.
According to Scam Sniffer, crypto phishing scams facilitated the theft of over $295 million in assets in 2023. These scams typically employ a type of crypto malware called “wallet drainers,” which deceive victims into authorizing malicious transactions. Last year, approximately 324,000 crypto holders fell victim to wallet drainers, with the largest one, Inferno Drainer, stealing $81 million over a nine-month period in 2023.
Scam Sniffer highlights that phishing websites employ various methods to direct traffic to their sites. This includes hacking official X and Discord pages, attacking official project frontends, airdropping tokens, and taking over expired Discord links. They also pay for search advertisements on Google and social media platform X, as well as use spam comments.
A recent analysis by blockchain security firm SlowMist revealed that phishing scams account for approximately 80% of comments on tweets from well-known crypto projects. The scammers heavily rely on automation, with SlowMist noting that they can now purchase X accounts. Telegram groups dedicated to selling these accounts have been observed, offering a variety of accounts based on follower count, number of posts, and registration dates. Most of the accounts sold are related to the cryptocurrency industry or are influencer accounts.
It is important for users to stay vigilant and exercise caution when engaging with crypto platforms and advertisements. Phishing attacks pose significant risks, and individuals are encouraged to conduct thorough research and due diligence before making any high-risk investments in Bitcoin, cryptocurrency, or digital assets. Transfers and trades should be conducted at one’s own risk, and any losses incurred are the responsibility of the individual. The Daily Hodl does not provide investment advice and is not an investment advisor.