Scam Sniffer เปิดเผยในโพสต์เมื่อวันอังคารว่า "Soneium" บน Google ถูกโพสต์เป็นโฆษณาฟิชชิ่ง โฆษณานี้เป็นโพสต์ที่ได้รับการสนับสนุน และจะนำ ผู้ใช้ไปยังเว็บไซต์ปลอม มัน จะหลอก ผู้ใช้ให้เชื่อมต่อ กระเป๋า เงินดิจิตอลของพวกเขา และลงนามในธุรกรรมที่ฉ้อโกง หลังจากที่พวกเขาลงนามแล้ว นักต้มตุ๋น จะสามารถ เข้าถึงกระเป๋าเงินของพวกเขาและ ขโมย ทรัพย์สินของพวกเขา ได้
⚠️ ค้นหา Soneium บน Google แล้วคลิกโฆษณาฟิชชิ่ง
หลังจากเชื่อมต่อกระเป๋าเงินของคุณและเซ็นลายเซ็นฟิชชิ่ง ทรัพย์สินของคุณก็หายไป… 😱💸 pic.twitter.com/5Hpi9OTZ4S— ดมกลิ่นหลอกลวง | Web3 Anti-Scam (@realScamSniffer) 22 ตุลาคม 2024
Phishing attempts where scammers attempt to hack crypto wallets through fake ads or websites are fairly common. Other methods that scammers use could include pyramid schemes, rug pulls, and setting up fraud exchanges. However, phishing attempts are more concealed. Users might think that the ad or website belongs to a trusted operator.
A series of research by Check Point underlined that scammers have been using fake airdrop campaigns and counterfeit websites to appear as authentic blockchain platforms. The report finds that groups like “Angel Drainer” provide tools for wallet draining. In the past, similar groups, like Inferno Drainer, were reportedly shut down.
The report shows that Microsoft was the most imitated brand in phishing scams in Q3 2024. Microsoft accounted for 61% of such attacks in the quarter. Apple (12%), Google (7%), and Facebook (3%) are next on the list. Sector-wise, tech is the most targeted industry for imitation, followed by social networks and banking.
Notably, there has been a rise in cyberattacks in Q3 2024. On average, each organization reportedly faced 1,876 cyberattacks per week. Based on research, the figure is a 75% increase since 2023. The education and research sector was hit hardest with 3,828 weekly attacks. Regionally, Africa had the most attacks with a 90% year-on-year increase, averaging 3,370 per week.
Meanwhile, Scam Sniffer’s last report found that 10,000 victims lost around $46 million to phishing scams in September alone. The analyst cited MistTracker’s finding and reported that top phishing scams occurred through links from fake X accounts.
Google phishing ads were reportedly the next major source of these attacks.
Check Point emphasizes that users verify email sources, avoid suspicious links, and use methods like multi-factor authentication (MFA) for protection from phishing attempts. Scam Sniffer underlines that users need to optimize phishing signature displays for further protection. He also calls for integrating phishing domains and address blocklists for additional security.