June 6, 2023

ScamSniffer: Users lost $4 million on phishing crypto sites advertised by Google Ads

According to the ScamSniffer platform, users have lost more than $4 million in a month by falling victim to cryptocurrency phishing sites. The sites' creators promote them through the contextual advertising service Google Ads.

ScamSniffer analysts found that in recent weeks Google search results have been dominated by ads for malicious pages. Most users are unaware that the ads may be fraudulent, so they click on the first cryptocurrency site that comes up. For the most part, attackers disguise themselves as decentralized protocols and crypto companies such as Zapper.fi, Lido, Stargate, DefiLlama, Orbiter Finance and Radiant.

Fraudsters use URLs similar to the addresses of the companies' official websites, with minor changes. This makes it difficult for people to realize that they have followed a dangerous link. On the phishing sites, users are asked for login details to a wallet or to an account with a real crypto project, and those details are then used to steal crypto assets.
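A defender-side check for the lookalike addresses described above, as an added example that is not from ScamSniffer or the original article. The official-domain list, the digit-folding table and the distance threshold are assumptions, and the sample URLs are constructed.

```python
from urllib.parse import urlsplit

# Assumed official domains for the brands the article names; verify before use.
OFFICIAL = ("zapper.fi", "lido.fi", "stargate.finance",
            "defillama.com", "orbiter.finance", "radiant.capital")

# Fold common digit-for-letter swaps and drop hyphens before comparing.
FOLD = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "-": None})


def host_of(url):
    """Return the lower-cased hostname of a URL, without a leading 'www.'."""
    host = urlsplit(url if "//" in url else "//" + url).hostname or ""
    return host[4:] if host.startswith("www.") else host


def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url, max_dist=2):
    """Return (verdict, official_domain) for the destination of an ad or link."""
    host = host_of(url)
    for dom in OFFICIAL:
        if host == dom or host.endswith("." + dom):
            return ("official", dom)
        # Official name used as a leading label of someone else's domain.
        if host.startswith(dom + ".") or ("." + dom + ".") in host:
            return ("lookalike", dom)
    folded = host.translate(FOLD)
    best = min(OFFICIAL, key=lambda dom: edit_distance(folded, dom))
    if edit_distance(folded, best) <= max_dist:
        return ("lookalike", best)
    return ("unrelated", None)


# Constructed sample destinations, not taken from the ScamSniffer report.
SAMPLES = ["https://app.zapper.fi/?gclid=x", "https://zaapper.fi/",
           "http://defi1lama.com", "https://zapper.fi.login.example.net/",
           "https://example.org/"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, classify(s))
```

A fixed distance of 2 is coarse for short names such as lido.fi, so treat "lookalike" as a prompt for manual review rather than a block decision.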

The unknown individuals placing the fraudulent ads use a number of methods to bypass Google's ad verification. These include manipulating the Google Click ID parameter, which allows attackers to display a normal web page while Google is reviewing the ad.

According to ScamSniffer, $4.16 million has been stolen from over 3,000 users over the past month. The attackers moved the stolen funds to the SimpleSwap exchange service, the Tornado cryptocurrency mixer, and the KuCoin and Binance.US cryptocurrency exchanges.

ScamSniffer analysts suggested that the average cost of a click on the keywords is about $1-2. Based on an estimated conversion rate of 40% from 7,500 users who clicked on the ad, the cost of the ad is approximately $15,000 and its ROI is 276%.

Recently, Kaspersky Lab warned about an increase in the number of cryptocurrency phishers. According to experts, the number of phishing attacks in Azerbaijan, for example, has tripled over the past year.