Cryptocurrency phishing attacks surged by over 215% in August, driven in part by a significant single attack resulting in losses exceeding $55 million.
Crypto phishing attacks involve hackers sharing fraudulent links with victims to steal sensitive information, such as crypto wallet private keys.
Crypto phishing attacks cost the industry over $66 million in August, according to a Sept. 3 X post by Scam Sniffer:
“In August, around 9,145 victims lost about $63 million to crypto phishing scams in August. While the number of victims dropped by 34% from July, the stolen amount surged by 215%.”
Phishing attacks are becoming increasingly common in the crypto space. In May, a trader lost $71 million worth of crypto in the year’s most high-profile phishing attack. The attacker tricked the trader into sending 99% of their funds to the attacker’s address.
$55 million phishing attack accounted for 88% of value stolen in August
The majority of the stolen value in August was attributed to a single large-scale phishing attack worth $55 million.
On Aug. 20, an unfortunate crypto holder signed a transaction that changed the ownership of 55.47 million Dai (DAI) in the decentralized finance (DeFi) protocol Maker.
This signature enabled a phishing address to take ownership of the wallet’s stablecoins.
The holder attempted to quickly withdraw the funds after realizing the mistake, but the transaction failed because the owner change already occurred.
million phishing attack. Source: Scam Sniffer
Measures against phishing attacks and address poisoning scams
The crypto industry is taking increasingly more measures to safeguard against cyberattacks.
Notably, an anti-hack response team, SEAL (Security Alliance), led by white hat hacker and Paradigm researcher Samczsun, has received over 900 hack-related tickets since their launch in Aug. 2023.
The world’s largest exchange is also battling crypto scammers. Binance’s security experts developed an “antidote” against the growing instances of address poisoning scams that trick investors into willingly sending funds to a fraudulent address.
Address poisoning, or address spoofing, is a deception trick in which scammers send a small amount of digital assets to a wallet that closely resembles the potential victim’s address to make it part of the wallet’s transaction history, hoping that the victim will accidentally copy and send funds to their address.
$3 billion stolen in hacks — Why are crypto crimes surging? Source: YouTube
Binance’s algorithm detects spoofed addresses by first identifying suspicious transfers, such as those with near zero value or unknown tokens, pairing them with potential victim addresses, and timestamping malicious transactions to find the potential point of poisoning.
Magazine: $12.1M fraud suspect with ‘new face’ arrested, crypto scam boiler rooms busted: Asia Express