



The world of cryptocurrencies is full of danger, and scammers are waiting for beginners and beginners. A recent report from Security Department CheckPoint Research highlights a powerful form of attack. It’s about using Google Ads to lure users into fake crypto wallets. In its report, CPR states that in the last few days, about $ 500,000 have been sucked up in these ways.

The mechanism of fraud is as follows. Attackers buy Google Ads in response to a search for popular crypto wallets (software used to store cryptocurrencies, NFTs, etc.). According to CPR, they have noticed scams targeting the most popular wallets in the Solana and Ethereum ecosystems, the Phantom Wallet and the Metamask Wallet.

Scams are a fairly typical phishing attack

When an unsuspecting user phantoms Google, the Google Ads results (which appear above the actual search results) direct the user to a phishing website that looks real. Then one of two things happens: Either the user enters the credentials held by the attacker. Or, more strangely, when you try to create a new wallet, you are instructed to use the recovery password that actually logs in to the wallet controlled by the attacker instead of your own wallet. This means that if they send money, the attacker will receive it immediately, CPR says.

Attackers use fake URLs to trick users into thinking they are logged in to their crypto wallet. Image: CPR Like other phishing scams, fake sites are designed to be as similar as possible to real sites. Image: CPR

As with more common phishing scams, attackers rely on making fake login pages look as real as possible. CPR states that it has seen attackers use fake URLs to trick users into, for example, phanton.app or phantonn.app instead of the correct phantom.app. The group also sees similar phishing scams used to direct users to fake crypto exchanges such as PancakeSwap and UniSwap.

CPR researchers say they started to notice these scams when they saw crypto users complaining about losses on Reddit and other forums. They estimate that at least $ 500,000 has been stolen in the last few days.

CPR Oded Vanunu said at a news conference that a new cybercrime trend has arrived in which scammers use Google search as their primary attack vector to reach cryptocurrency wallets instead of traditional email phishing. thinking about. The victim-guided phishing website reflects a close copy and imitation of the wallet brand’s message. And most worrisome is that multiple groups of scammers are bidding on Google Ads keywords. This could be a sign of the success of these new phishing campaigns aimed at robbing crypto wallets.

This group provides some wisdom to users who want to avoid these pitfalls, such as checking search results without clicking on Google Ads results and always checking the URL of the site they are visiting.

Sources 1/ https://Google.com/ 2/ https://www.theverge.com/2021/11/4/22763015/cryptocurrency-fake-wallet-phishing-scam-google-ads-phantom-metamask The mention sources can contact us to remove/changing this article

