- A $3 million phishing scam victim lost funds by unknowingly signing a malicious blockchain transaction.
- Phishing attacks exploit human errors, with scammers using similar blockchain addresses to deceive investors.
- Crypto phishing attacks have surged in 2024, resulting in over $1 billion in stolen assets, which points to the importance of stronger security.
A cryptocurrency holder just lost three million dollars in a phishing attack. The attack took place when the victim, who was the victim, signed a malicious transaction on the blockchain and had not checked the contract address. The event reminds us about the increased threat of scams involving digital assets and the danger of failing to triple-check the information in the blockchain before approving a transaction.
Lookonchain, a blockchain analytics platform, revealed that the victim had fallen for a common scam and used a very similar address to deceive the investor.
The address was malicious and looked like something legitimate, yet closer it could be observed that there were slight inconsistencies. The victim failed to notice these differences and consequently sent the money to the swindler.
Also Read: FaZe Banks Resigns Amid MLG Coin Scandal, Denies Scam Involvement
Phishing Scams Exploit Crypto Address Mistakes
This type of phishing activity is getting increasingly popular in the crypto space. They use the technique of social engineering to defraud investors. Bad actors usually deliver phony links that pilfer delicate details, including confidential keys to cryptocurrency wallets. The schematic underlines the role of being careful during crypto transactions.
In this instance, the victim had a validated address because he or she checked only the first and last few characters. Investors commonly employ this strategy. Attackers, however, take advantage of the situation by concealing the middle characters so that the address appears to be legal.
Source: Nansen
This phishing loss follows another huge loss. An investor had lost $900,000 on a similar scam days ago. The victim had unknowingly signed a malicious approval transaction 458 days earlier (meaning that the attack itself takes place).
The scammer relieved the victim of money by draining their wallet before they understood that they had lost anything. This highlights that prolonged exposure can lead to significant financial losses.
Phishing Scams Surge: $1 Billion Lost in 2024 Crypto Attacks
These recent losses are just the beginning. In May 2024, a significant wallet poisoning scam resulted in a loss of $68 million. But in a bizarre twist, the scammer sent back the money after two weeks. Blockchain analysts had followed the potential IP address route of the scammer to Hong Kong, which put pressure on the attacker to recover the stolen funds.
According to experts, phishing attacks are no longer relying on weaknesses of the codes but on human nature. Hackers are currently exploiting the lack of awareness and knowledge in the minds of the investors.
Such a change of strategy is complicating the prevention of attacks with traditional measures of security. It also exposes investors to a higher risk of investing in fraudulent activities, as they do not notice the red flags.
Indeed, phishing scams presented the costliest attack method of the crypto sector in 2024. As the CertiK Web3 security report has it, there was over $1 billion in stolen assets in phishing attacks. It was also discovered in the report that phishing cases reached almost 300 in the year 2024. Of these, three at least cost more than $100 million.
Source: CertiK Web3 security
Binance has been keen to mitigate this emerging menace by coming up with a defense strategy against phishing. On the exchange, an algorithm capable of identifying poisoned wallet addresses appeared.
Such a system has already marked more than 15 million poisoned addresses. The initiative demonstrates that the exchanges are considering phishing threats and trying to secure their users.
Cryptocurrency is still increasing; however, experts warn that caution needs to be exercised. A phishing scam is moving and becoming more advanced. Investors need to be more watchful than before whenever working with digital assets.
Also Read: How a Crypto User Lost $908,000 to a Wallet-Draining Scam
