Scam Sniffer reveló en una publicación el martes que "Soneium" en Google se publicó como un anuncio de phishing. El anuncio era una publicación patrocinada y llevará a los usuarios a un sitio web falso. Engañaría a los usuarios para que conectaran su billetera criptográfica y firmaran una transacción fraudulenta. Después de firmarlo, los estafadores obtendrían acceso a sus billeteras y robarían sus activos.
⚠️ Busqué Soneium en Google, hice clic en un anuncio de phishing.
Después de conectar su billetera y firmar una firma de phishing, sus activos desaparecieron… 😱💸 pic.twitter.com/5Hpi9OTZ4S- Rastreador de estafas | Web3 Anti-Scam (@realScamSniffer) 22 de octubre de 2024
Phishing attempts where scammers attempt to hack crypto wallets through fake ads or websites are fairly common. Other methods that scammers use could include pyramid schemes, rug pulls, and setting up fraud exchanges. However, phishing attempts are more concealed. Users might think that the ad or website belongs to a trusted operator.
A series of research by Check Point underlined that scammers have been using fake airdrop campaigns and counterfeit websites to appear as authentic blockchain platforms. The report finds that groups like “Angel Drainer” provide tools for wallet draining. In the past, similar groups, like Inferno Drainer, were reportedly shut down.
The report shows that Microsoft was the most imitated brand in phishing scams in Q3 2024. Microsoft accounted for 61% of such attacks in the quarter. Apple (12%), Google (7%), and Facebook (3%) are next on the list. Sector-wise, tech is the most targeted industry for imitation, followed by social networks and banking.
Notably, there has been a rise in cyberattacks in Q3 2024. On average, each organization reportedly faced 1,876 cyberattacks per week. Based on research, the figure is a 75% increase since 2023. The education and research sector was hit hardest with 3,828 weekly attacks. Regionally, Africa had the most attacks with a 90% year-on-year increase, averaging 3,370 per week.
Meanwhile, Scam Sniffer’s last report found that 10,000 victims lost around $46 million to phishing scams in September alone. The analyst cited MistTracker’s finding and reported that top phishing scams occurred through links from fake X accounts.
Google phishing ads were reportedly the next major source of these attacks.
Check Point emphasizes that users verify email sources, avoid suspicious links, and use methods like multi-factor authentication (MFA) for protection from phishing attempts. Scam Sniffer underlines that users need to optimize phishing signature displays for further protection. He also calls for integrating phishing domains and address blocklists for additional security.