Impersonated accounts on social media platforms have become a major concern in the world of cryptocurrency, with cybercriminals using these fake accounts to lure unsuspecting victims into phishing attacks. According to the latest report from Scam Sniffer, nearly $47 million was stolen from over 57,000 victims last month alone.
The majority of these phishing attacks targeted cryptocurrency holders through fake accounts that appeared to be high-profile individuals. These accounts would leave comments on posts to entice users into visiting phishing sites where their funds would be stolen. Ethereum mainnet was the most targeted network, with ERC20 tokens accounting for 86% of the thefts.
One of the common tactics used by cybercriminals in these attacks is to trick users into signing phishing signatures such as Permit, IncreaseAllowance, and Uniswap Permit2. These signatures allow users to interact with smart contracts without prior authorization, but they are being exploited by bad actors in phishing schemes.
Scam Sniffer also warned that wallet drainer attacks are now using safe or “account abstraction” wallets for token approvals. While account abstraction is meant to enhance smart contract compatibility, it is being manipulated by attackers to drain wallets of funds.
Despite the large volume of stolen funds in February, the number of victims losing over $1 million dropped by 75% from the previous month. However, it’s not just fake social media accounts that cryptocurrency holders need to be wary of. The developers of the popular Leather wallet recently issued a warning about a scam app on the Apple App Store that contains crypto-drainer malware.
The makers of Leather wallet advised users not to download the fake app and only download the wallet from its official website to avoid falling victim to the scam. It’s crucial for cryptocurrency users to stay vigilant and only trust official sources when it comes to managing their digital assets. Stay informed and protect yourself from falling prey to phishing attacks and scams in the cryptocurrency space.