There is some scary news in the Ethereum community: many fake ads on the popular blockchain viewer Etherscan are part of a bigger phishing plan directly aimed at Etherscan users.
On April 8, a vigilant member of the community known as McBiblets raised the alarm by pointing out that some ads on Etherscan could be threats. McBiblets warned people that clicking on these ads could take them to phishing websites meant to steal funds from people who don’t know what’s happening.
Etherscan Phishing Spreads Across Major Platforms
When the problem was investigated further, it was found that these phishing ads weren’t just on Etherscan but also on several well-known scamming platforms. Following McBiblets’ lead, the web3 anti-scam platform Scam Sniffer found proof that the fake ads had moved beyond Etherscan and were now showing up on Google, Bing, DuckDuckGo, and a well-known social media site.
Scam Sniffer warned that the wide distribution of these phishing ads was due to ad brokers’ lack of strict controls. “Etherscan aggregates ads from platforms like Coinzilla and Persona, where inadequate filtering could lead to exposure to phishing attempts,” they said.
This type of fraud, called “wallet drainer fraud,” involves tricking people into visiting fake websites and forcing them to confirm their cryptocurrency wallet links. When linked, scammers can take funds from victims’ wallets without their permission or verification.
23pds, chief information security officer at SlowMist, agreed with the warning and told Etherscan users to be careful: “Be careful, there are phishing ads on Etherscan.”
People think the well-known cyber-phishing group Angel Drainer is behind this ongoing operation, but there isn’t any solid proof yet.
The scary news comes at a time when phishing schemes are targeting the cryptocurrency business more than ever. According to information from Scam Sniffer, these scams stole $104 million from about 97,000 crypto users in the first few months of this year. In particular, Ethereum users lost $78 million worth of assets, such as ETH and ERC20 coins.
Cybercriminals’ main method is to trick people into signing harmful phishing signs like “Uniswap Permit2” and “increase allowance,” which lets hackers access their digital assets without permission.
Scam Sniffer explained the common method: “Most of the thefts of all ERC20 tokens were due to assets being stolen due to signing phishing signatures such as Permit, IncreaseAllowance, and Uniswap Permit2.”
The most important thing is that social media sites, especially one called X, have become great places for cybercriminals to trick people into giving them their digital assets by pretending to be legitimate Bitcoin organizations.
As the Ethereum community deals with the growing danger of phishing campaigns, users must be more aware of these bad activities and take strict security measures to avoid falling for them.
