2023 witnessed a significant rise in cryptocurrency phishing scams, resulting in a shocking $295 million being stolen from approximately 324,000 victims. These findings were revealed in a report by Scam Sniffer, shedding light on the alarming increase in such fraudulent activities.
One of the most effective tactics employed by scammers is the use of wallet drainers, which involve malicious software on phishing sites. These sites trick users into signing malicious transactions, leading to the draining of assets from their cryptocurrency wallets. These attacks have become increasingly sophisticated, causing substantial financial losses for many individuals.
March 11 marked a notable spike in theft, with nearly $7 million being stolen due to USDC rate fluctuations and phishing sites impersonating Circle. Another significant wave of theft was observed around March 24, coinciding with the hacking of Arbitrum’s Discord.
The report identifies several prominent wallet drainers, including Inferno Drainer ($81 million), MS Drainer ($59 million), and Angel Drainer ($20 million), among others. The departure of some drainers, such as Monkey Drainer, opened the door for others like Venom Drainer to take over their clientele. The scale of theft has been rapidly escalating, with Inferno Drainer alone looting $81 million in just nine months.
Phishing sites are gaining traffic through various means, including hacking attacks on official Discord and Twitter accounts, attacks on project front-ends, airdrops, and paid advertising through Google and Twitter ads. Personal private message phishing has also become more prevalent.
In addition to the rising number of phishing websites, scammers are employing smart contracts for efficient asset transfers. They use methods like multicall, CREATE2, and CREATE to bypass security checks and make the destination of asset transfers unknown until signing.
To combat these fraudulent activities, Scam Sniffer has scanned nearly 12 million URLs, identifying almost 145,000 malicious URLs and adding approximately 100,000 malicious domains to their open-source blacklist.
The report also highlights 13 severe theft cases, totaling losses of $50 million. These cases shed light on common phishing signatures such as Permit, Permit2, Approve, and Increase Allowance, which target different types of assets.
As the sophistication and frequency of cryptocurrency phishing scams continue to increase, it is crucial for individuals to remain vigilant and take necessary precautions to safeguard their digital assets. This includes practicing caution when interacting with unfamiliar websites, double-checking the authenticity of communication channels, and staying informed about the latest phishing techniques.
In conclusion, the rise of cryptocurrency phishing scams in 2023 has led to significant financial losses for unsuspecting victims. The use of wallet drainers and the increasing sophistication of phishing sites have made it imperative for individuals to educate themselves about these scams and adopt effective security measures to protect their investments.
