Scam Sniffer 在週二的一篇文章中透露,谷歌上的“Soneium”已被作爲網絡釣魚廣告發布。該廣告是贊助帖子,會將用戶帶到虛假網站。它會誘騙用戶連接他們的加密錢包並簽署欺詐交易。簽署後,詐騙者將進入他們的錢包並竊取他們的資產。
⚠️ 在 Google 上搜索 Soneium,點擊了網絡釣魚廣告。
連接錢包並簽署網絡釣魚簽名後,您的資產消失了……😱💸 pic.twitter.com/5Hpi9OTZ4S—詐騙嗅探器| Web3 反詐騙 (@realScamSniffer) 2024 年 10 月 22 日
Phishing attempts where scammers attempt to hack crypto wallets through fake ads or websites are fairly common. Other methods that scammers use could include pyramid schemes, rug pulls, and setting up fraud exchanges. However, phishing attempts are more concealed. Users might think that the ad or website belongs to a trusted operator.
A series of research by Check Point underlined that scammers have been using fake airdrop campaigns and counterfeit websites to appear as authentic blockchain platforms. The report finds that groups like “Angel Drainer” provide tools for wallet draining. In the past, similar groups, like Inferno Drainer, were reportedly shut down.
The report shows that Microsoft was the most imitated brand in phishing scams in Q3 2024. Microsoft accounted for 61% of such attacks in the quarter. Apple (12%), Google (7%), and Facebook (3%) are next on the list. Sector-wise, tech is the most targeted industry for imitation, followed by social networks and banking.
Notably, there has been a rise in cyberattacks in Q3 2024. On average, each organization reportedly faced 1,876 cyberattacks per week. Based on research, the figure is a 75% increase since 2023. The education and research sector was hit hardest with 3,828 weekly attacks. Regionally, Africa had the most attacks with a 90% year-on-year increase, averaging 3,370 per week.
Meanwhile, Scam Sniffer’s last report found that 10,000 victims lost around $46 million to phishing scams in September alone. The analyst cited MistTracker’s finding and reported that top phishing scams occurred through links from fake X accounts.
Google phishing ads were reportedly the next major source of these attacks.
Check Point emphasizes that users verify email sources, avoid suspicious links, and use methods like multi-factor authentication (MFA) for protection from phishing attempts. Scam Sniffer underlines that users need to optimize phishing signature displays for further protection. He also calls for integrating phishing domains and address blocklists for additional security.