$4M Stolen in Crypto Phishing Scam Using Google Ads
Over $4M Stolen in Crypto Phishing Scam Using Google Ads. Scam Sniffer, an anti-scam service provider, has found that malicious adverts for phishing websites have recently been prevalent in Google Ads searches.
How Scammers Bypass Google’s ad review process
Scammers use several methods to bypass Google’s ad review process. It manipulates the Google Click ID parameter by using anti-debugging methods to redirect users with developer tools enabled to a normal website.
However, direct click takes users to malicious websites and permits scammers to bypass some of Google Ads‘ machine reviews.
On-chain data analysis
On-chain data analysis reveals $4M stolen from over 3000 users. Scammers have targeted many decentralized finance protocols websites and brands. Therefore, these scammers are Zappers.fi, Lido, Stargate, DefiLlama, Orbiter Finance, and Radiant.
A mild change to official URLs makes it difficult for users to identify that they have clicked on malicious links. However, metadata analysis from some phishing websites has connected to advertisers in Ukraine and Canada. So, On-chain data analysis from ScamSniffer’s database suggests that over $4.16 million has been stolen from over 3000 users in the past month.
Cost of promoting crypto-related phishing websites
Scam Sniffer suggests that promoting crypto-related phishing websites is lucrative. The medium cost per click for associated keywords is $1 to $2. Furthermore, scammers have spent almost $15000 on advertising. It estimates a conversion rate of %40 from 7500 users clicking on malicious adverts.
Increase in crypto-related phishing attacks
Russian cybersecurity and antivirus provider Kaspersky’s report highlighted a 40% year-on-year increase in crypto-related phishing attacks. Not only this, but also over 5 million phishing attacks were identified last year.
$4M Stolen in Crypto Phishing Scam Using Google Ads has resulted in the loss of millions of Dollars for unsuspecting crypto users. Scammers have found a way to bypass Google’s ad review process. So, the slight changes to official URLs make it difficult for users to identify malicious links.
However, the cost of promoting crypto-related phishing websites is high, and the return on investment for scammers has been significant.
Users must remain vigilant and cautious when interacting with crypto-related content online to avoid falling victim to these scams.