A new trick to steal cryptocurrencies.. Beware these ads
A recent report by security firm Check Point Research highlights a new form of attack to steal Cryptocurrencies By using Google ads to direct users to fake crypto wallets.
In its report, Check Point Research said it has seen nearly half a million dollars embezzled through these methods in just the past few days.
Scammers place ads at the top of Google searches that imitate popular crypto wallet brands to trick users into providing the wallet passphrase and private key.
Over the weekend, the company noticed hundreds of thousands of dollars in cryptocurrency being stolen from wallets by fraudsters.
To lure their victims, the scammers placed Google ads at the top of the search that mimic popular wallets and platforms.
Each ad contained a malicious link that directed the victim to a phishing website that copied the branding and messages of the original wallet site. Scammers tricked their victims into giving up their wallet passwords, allowing the wallet to be stolen.
Phishing campaigns are traditionally originated by email. But in what appears to be a new trend, attackers are serving ads targeting wallet-related keywords in Google Ads, with Google Search being used as an attack method to target the victims’ crypto wallets.
The scammer places a Google ad to appear first in a search query related to a crypto wallet. The victim clicks on a malicious link in Google ads. The victim is directed to a phishing website that looks identical to the original wallet site.
The fake site will try to steal your passphrase, if you have a wallet, or provide you with a new passphrase for a newly created wallet. Either way, the scammer gets access to your wallet and steals all of your cryptocurrency.
As with phishing scams in general. Attackers rely on making fake login pages look as real as possible.
Check Point Research notes that it has seen attackers use fake URLs to deceive users. and direct them to phanton.app or phantonn.app, for example, instead of the correct phantom.app.
It has also seen similar scams used to direct users to fake cryptocurrency platforms, including PancakeSwap and UniSwap.
Subtly charming zombie buff. Amateur analyst. Proud tvaholic. Beer fanatic. Web expert. Evil troublemaker. Passionate internet maven. Gamer. Food evangelist.