Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Cryptocurrency investors faced a sharp increase in sophisticated “phishing” attacks in January, with losses growing by more than 200%.
According to data from blockchain security company Scam Sniffer, phishing scams drained about $6.3 million from users’ wallets in the first month of the year. While the number of raw victims decreased by 11%, the total value stolen increased by 207% from December levels.
Phishing Phishing and headline poisoning wreaked havoc in January
This difference highlights a tactical shift between… Cybercriminals are out to “hunt whales.” The strategy includes targeting Fewer high net worth individuals Instead of scaling up small accounts.
Sponsored
Sponsored
Scam Sniffer said that only two victims make up about 65% of All phishing losses In January. In the largest single incident, a user lost $3.02 million after signing a malicious “increase allowance” feature.
These mechanisms give unlimited third-party access to transfer tokens from the wallet. This allows attackers to drain funds without having to approve a specific transaction.
While signature scams rely on confusing permissions, there are… A separate and equally damaging threat known as “head poisoning” also plagues this sector.
In an impressive example of this technique, One investor lost $12.25 million in January After sending money to a fraudulent address.
Title naming exploits user habits by creating “selfish” or “similar” titles. These fraudulent strings mimic the first and last characters of a legitimate wallet found in the user’s transaction history.
The attacker hopes that the user will copy and paste the compromised address from their history instead of checking the entire string.
The increase in such incidents has prompted Safe Labs, the developer, to push… The popular multi-signature wallet formerly known as Gnosis Safe, To issue a security notice. The company identified a coordinated social engineering campaign targeting its user base, using approximately 5,000 malicious URLs.
“We have identified a coordinated effort by malicious actors to create thousands of similar security addresses designed to trick users into sending funds to the wrong destination. This is social engineering with address poisoning.” She stated Company.
Therefore, the company warned users to always check the full alphanumeric string of any received address before performing high-value transfers.
