
Phantom and Metamask users lose at least $500K in phishing scam

Daniela Kirova
Daniela is a writer at Bankless Times, covering the latest news on the cryptocurrency market and blockchain industry. She has over 15 years of experience as a writer, having ghostwritten for several online publications in the financial sector.
January 31st, 2023

The scammers made off with at least half a million dollars, using Google ads rather than email to reach users of crypto wallets Phantom and Metamask and of crypto exchange Pancake, Bankless Times learned from a Check Point Research (CPR) report.

There has been a series of reports about crypto scams in recent weeks, turning attention to how traders need to exercise caution to avoid falling victim to attacks that can result in loss of funds. Check Point Research writes:

CPR has encountered hundreds of incidents in which crypto investors lost their money while trying to download and install well known crypto wallets or change their currencies on crypto swap platforms like PancakeSwap or Uniswap.

Multiple phishing sites involved

Over the past weekend, CPR’s team noticed multiple phishing websites that looked just like the original website because the design was copied. For example, variants like were used for the domain “”, or different extensions.

Instead of using email like ‘traditional’ phishing scams, the cybercriminals used Google ad campaigns to make their phishing websites rank higher than the original when someone enters Metamask or Phantom in Google. The report includes an example of a scammer using a Google ad campaign to steal a user’s private key and gain unauthorized access to their wallet. The user was tricked into giving the scammers a phrase that allowed them to steal the funds as they were transferred.


If the user adds the Chrome wallet tab to their browser, they log in to the attacker’s wallet instead of creating a new one. Any new funds transferred go to the scammer immediately. There were multiple wallets under the same account, and attackers stole thousands in every wallet. CPR advised users of crypto wallets not to click on ads and to use only direct, known URLs.

About Metamask, where most of the damage was done

Metamask is a non-custodial digital wallet, which has become a key gateway to DeFi. In July, its monthly active users reached 10 million. Asian markets led the growth. Metamask is similar to a bitcoin wallet in how it functions, enabling users to sign in to decentralized apps and use them through a regular browser.

It remains among the most popular ways for users to access the Ethereum blockchain. In part, NFTs have fueled its growth. People use the wallet to exchange tokens, buy NFTs, borrow, lend, mint, and play games.

