Phishing Scams Targeting Etherscan Users via Ads Detected

Phishing Campaign Targeting Etherscan Users

A significant phishing campaign targeting users of the Ethereum blockchain explorer Etherscan has come to light, with several advertisements identified as part of the malicious operation.

Warning Issued After Phishing Campaign Targets Etherscan Users

A user flagged certain advertisements on Etherscan as potential wallet drainers, cautioning users against being redirected to phishing websites upon clicking on such ads.

Investigation Reveals Widespread Phishing Advertisements

Further investigation revealed that these phishing advertisements were not limited to Etherscan but were also spotted on various known phishing websites. Web3 security platform Scam Sniffer swiftly responded to the warning and launched an investigation.

Extent of the Phishing Campaign Uncovered

Renowned on-chain detective ZachXBT delved further, disclosing that the phishing on Etherscan is linked to a draining service. Furthermore, it was revealed that the draining service had phished a significant sum from a victim.

Address of Theft Revealed

ZachXBT shared the address of the theft, revealing that the wallet contained 87.08 Ethereum (ETH) and other tokens and coins, amounting to approximately $298,972 at the time of reporting.

Warning Against Phishing Attacks

Chief Information Security Officer 23pds from blockchain security firm SlowMist emphasized the warning, advising users to exercise caution due to the presence of phishing ads on Etherscan.

Phishing Attacks on Crypto Users

Phishing attacks pose a significant threat to crypto users, with reports indicating substantial losses in recent years. According to Scam Sniffer, phishing attacks scammed around 97,000 crypto users of $104 million in the first few months of this year.

Losses Due to Phishing in 2023 and 2024

Phishing attacks led to losses of nearly $300 million in 2023, with losses in 2024 already exceeding $100 million. The primary targets of these attacks were Ethereum users, with significant amounts of assets lost, including ETH and ERC20 tokens.

Tactics Used by Cybercriminals

The primary tactic used by cybercriminals was to trick victims into signing harmful phishing signatures, allowing unauthorized access to their victims’ cash. Victims were often duped by false comments on social media platforms, leading them to phishing sites where their digital assets were stolen.

Persistent Challenge in Combating Phishing

Despite efforts to shut down such scams, phishing gangs often relocate their operations to different platforms, indicating a persistent challenge in combating fraudulent activities in the crypto space.