Data from Google Ads coupled with blockchain analytics reveals that more than $4 million has been stolen from cryptocurrency users who fell for malicious phishing websites promoted on Google.
According to Web3 anti-scam service provider ScamSniffer, malicious ads from phishing websites have dominated Google ad searches in recent weeks. The URLs lead to fraudulent websites that require login to wallets, compromising users’ addresses.
1/ A recent surge in phishing scams via Google search ads has led to users losing approximately $4 million.
ScamSniffer has investigated multiple cases where users clicked on malicious ads and were directed to fraudulent websites. #PhishingScams #GoogleAds pic.twitter.com/vuKCgSuFnV — Scam Sniffer (@realScamSniffer) April 27, 2023
Several decentralized finance protocols, websites, and brands, including Zapper.fi, Lido, Stargate, DefiLlama, Orbiter Finance, and Radiant, have been targeted by scammers. Slight changes to official URLs make it more difficult for users to identify that they have clicked on malicious links.
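A defensive check for the look-alike URLs described above, as an added example that is not from the article or from ScamSniffer: it compares a link's hostname against an allowlist of official domains and flags near matches. The official hostnames listed for the named brands, the helper names and the sample URLs are assumptions or constructed; verify the allowlist against each project's own documentation.

```python
from urllib.parse import urlsplit

# Assumed official hostnames for brands named in the article; verify before use.
OFFICIAL = {"zapper.fi", "lido.fi", "stargate.finance", "defillama.com",
            "orbiter.finance", "radiant.capital"}
# Fold common digit-for-letter swaps and drop hyphens before comparing.
FOLD = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "-": None})

def edit_distance(a, b):
    """Levenshtein distance using a single rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host_of(url):
    """Lower-cased hostname without a leading 'www.'; accepts scheme-less input."""
    host = urlsplit(url if "//" in url else "//" + url).hostname or ""
    host = host.rstrip(".")
    return host[4:] if host.startswith("www.") else host

def classify(url, max_distance=2):
    """Return (verdict, official_domain); verdict is official, lookalike or unknown."""
    host = host_of(url)
    for d in OFFICIAL:
        if host == d or host.endswith("." + d):
            return "official", d
    # Naive registrable domain: last two labels (assumes a single-label suffix).
    folded = ".".join(host.split(".")[-2:]).translate(FOLD)
    for d in sorted(OFFICIAL):
        embedded = d in host                                   # lido.fi.evil.example
        near = edit_distance(folded, d) <= max_distance        # typo or homoglyph
        same_brand = folded.split(".")[0] == d.split(".")[0]   # brand on another TLD
        if embedded or near or same_brand:
            return "lookalike", d
    return "unknown", None

if __name__ == "__main__":
    # Constructed sample URLs, not taken from the article.
    for u in ["https://app.lido.fi/stake", "https://defi11ama.com/?gclid=x",
              "https://zapper.fi.claim-rewards.example/login", "https://example.com"]:
        print(classify(u), u)
```

A `lookalike` verdict is a reason to block or warn, not proof of fraud; short brand names produce more false positives at the same distance threshold.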
Analysis of the metadata of several of the phishing websites in question has allowed them to be linked to advertisers located in Ukraine and Canada. The users responsible for placing the malicious ads use various methods to circumvent Google’s ad review process. This includes manipulation of the Google Click ID parameter, which allows attackers to display a normal web page during Google ad review.
Other malicious ads use anti-debugging methods to redirect users with developer tools enabled to a normal website, while a direct click takes users to the malicious website. This also allows scammers to bypass some of Google’s automatic ad reviews.
On-chain data analysis of addresses linked to malicious websites advertised on Google from the database of ScamSniffer suggests that $4.16 million has been stolen from more than 3,000 users in the past month.
The anti-scam service followed on-chain fund flows to various exchange and mixing services, including SimpleSwap, Tornado Cash, KuCoin, and Binance.
Making use of advertising analysis platforms, ScamSniffer suggests that promoting cryptocurrency-related phishing websites is lucrative. The average cost per click for associated keywords ranges from $1 to $2.
Estimating a 40% conversion rate from the 7,500 users who click on the malicious ads, the scammers have spent about $15,000 on advertising, earning them a 276% return, given the $4 million stolen to date.
A report from Russian cybersecurity and antivirus provider Kaspersky highlighted an increase in cryptocurrency-related phishing attacks through 2022, up 40% year-on-year, with more than 5 million phishing attacks identified last year.