Report: Phishing Scams Cause Crypto Losses Exceeding $47 Million in February
ScamSniffer, a cybersecurity firm specializing in detecting cryptocurrency scams on the web3 platform, has released its latest report on crypto phishing for the month of February. The report highlights a worrisome trend in the increasing number of crypto phishing scams.
According to the report, a staggering 57,000 individuals fell victim to these scams, resulting in a monthly loss of up to $47 million. However, there is some positive news amidst the gloom, as the number of victims who lost over one million dollars decreased by 75% compared to the previous month.
The report also reveals that the majority of the stolen funds, a whopping 78%, were associated with thefts on the Ethereum mainnet. The main assets targeted in these thefts were ERC20 tokens, accounting for 86% of the stolen funds.
One notable threat identified in the report is the use of phishing signatures such as “permit,” “IncreaseAllowance,” and “Uniswap Permit2” by hackers. These signatures allow the hackers to gain unauthorized access to the victims’ assets, leading to significant losses, especially in the case of ERC20 tokens.
Twitter impersonation tactics were found to be the most common method used to trap victims. Cybercriminals created fake Twitter accounts to deceive users and direct them to phishing websites. This strategy exploits the trust users place in social media platforms and enables cybercriminals to execute sophisticated phishing attacks.
The report also sheds light on a tactic employed by wallet drainers, who propose “safe” or “account abstraction” wallets as token approvers to carry out their phishing attacks seamlessly.
In conclusion, the February phishing report by ScamSniffer serves as a warning sign for the growing threat of phishing scams. A report from The Block predicts that $104 million in cryptocurrency will be lost to phishing incidents within the first two months of 2024, indicating a significant surge in these scams. To protect their digital assets, users must remain vigilant and adopt robust security measures to avoid falling victim to phishing attacks.