Tricks often used by crypto phishing scammers

Phishing, as you are aware, is the fraudulent practice of sending emails or other messages claiming to be from reputable companies to get you to reveal personal information, such as passwords and credit card numbers.

If you fall for it, the scammer will hit you hard, and this usually results in loss of funds, as well as other personal effects of interest in line with the purported scam.

Since you are a crypto assets investor, we thought it wise to bring to your notice the tricks crypto phishing scammers use to prey on their unsuspecting victims, and to keep you on your toes and security conscious.

SlowMist found that across 303 recorded blockchain security incidents in 2022, nearly a third were made up of phishing attacks, rug pulls, and scams.

Some of the phishing tricks used in 2022 are:

1) Malicious browser bookmarks

This trick makes use of bookmark managers, a feature in most modern browsers.

According to SlowMist, scammers have been exploiting these to gain access to a project owner’s Discord account.

“By inserting JavaScript code into bookmarks through these phishing pages, attackers can potentially gain access to a Discord user’s information and take over the permissions of a project owner’s account.”

After guiding victims to add the malicious bookmark through a phishing page, the scammer waits until the victim clicks on the bookmark while logged in to Discord, which triggers the implanted JavaScript code and sends the victim’s personal information to the scammer’s Discord channel.

During this process, the scammer can steal a victim’s Discord token (usually an encrypted Discord username and password) and thus gain access to their account. This allows them to post more fake messages and links to more phishing scams while posing as the victim.
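One way to check for this kind of bookmark is to export your bookmarks and list every entry whose URL runs script instead of opening a page. The Node.js script below is an added example, not code from SlowMist or from this article; the sample export, the function names and the hint list are constructed for illustration.

```javascript
// Constructed sample of the Netscape bookmark HTML that browsers export.
const SAMPLE_EXPORT = `<!DOCTYPE NETSCAPE-Bookmark-file-1>
<DL><p>
  <DT><A HREF="https://discord.com/channels/@me" ADD_DATE="1670000000">Discord</A>
  <DT><A HREF="javascript:(function(){/* constructed placeholder */})()">Verify wallet</A>
  <DT><A HREF=" JaVa&#x09;Script:fetch(&quot;https://example.invalid/&quot;)">Claim drop</A>
</DL><p>`;

// URL parsers following the WHATWG URL standard strip leading control
// characters/spaces and drop tab/CR/LF anywhere, so do the same before
// reading the scheme; otherwise "java<TAB>script:" slips past the check.
function urlScheme(href) {
  const cleaned = href.replace(/^[\u0000-\u0020]+/, "").replace(/[\t\r\n]/g, "");
  const m = /^([a-zA-Z][a-zA-Z0-9+.-]*):/.exec(cleaned);
  return m ? m[1].toLowerCase() : null;
}

// Undo the HTML entity encoding used in attribute values of the export file.
function decodeEntities(s) {
  return s
    .replace(/&#x([0-9a-f]+);?/gi, (_, h) => String.fromCharCode(parseInt(h, 16)))
    .replace(/&#(\d+);?/g, (_, d) => String.fromCharCode(parseInt(d, 10)))
    .replace(/&quot;/g, '"').replace(/&lt;/g, "<")
    .replace(/&gt;/g, ">").replace(/&amp;/g, "&");
}

// Triage hints only: what a script bookmark touches, not proof of malice.
const HINTS = [
  ["network", /\b(fetch|XMLHttpRequest|sendBeacon|WebSocket)\b/],
  ["storage", /\b(localStorage|sessionStorage|document\.cookie)\b/],
  ["token", /token/i],
];

// Return every bookmark whose URL runs script in the page it is clicked on.
function auditBookmarks(html) {
  const findings = [];
  const re = /<A\b[^>]*?\bHREF\s*=\s*"([^"]*)"[^>]*>([\s\S]*?)<\/A>/gi;
  for (const [, rawHref, title] of html.matchAll(re)) {
    const href = decodeEntities(rawHref);
    if (urlScheme(href) !== "javascript") continue;
    let body = href;
    try { body = decodeURIComponent(href); } catch { /* malformed %: keep raw */ }
    const hints = HINTS.filter(([, rx]) => rx.test(body)).map(([name]) => name);
    findings.push({ title: decodeEntities(title).trim(), hints });
  }
  return findings;
}

console.log(auditBookmarks(SAMPLE_EXPORT));
```

Any entry this reports that you did not knowingly create as a script bookmark should be deleted from the bookmark manager.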

2) Zero-dollar purchase NFT phishing

Out of the 56 recorded NFT security breaches, 22 were the result of phishing attacks, according to SlowMist.

This is a popular method used by scammers to trick their unsuspecting victims into signing over NFTs for practically nothing through a phony sales order.

Once the victim signs the order, the scammer can purchase the user’s NFTs through a marketplace at a price determined by them.

“Unfortunately, it’s not possible to deauthorize a stolen signature through sites like Revoke,” SlowMist stressed.

3) Trojan Horse currency theft

This type of attack usually occurs through private messages on Discord where the attacker invites victims to participate in testing a new project, then sends a program in the form of a compressed file that contains an executable file of about 800 MB.

Once downloaded, the program will scan for files containing key phrases like “wallet” and upload them to the attacker’s server.

“The latest version of RedLine Stealer also can steal cryptocurrency, scanning for installed digital currency wallet information on the local computer and uploading it to a remote control machine.”

“Redline Stealer can also upload and download files, execute commands, and send back periodic information about the infected computer.”

4) ‘Blank check’ eth_sign phishing

This phishing attack allows scammers to use your private key to sign any transaction they choose. After connecting your wallet to a scam site, a signature application box may pop up with a red warning from MetaMask.

After you sign, attackers gain access to your signature, allowing them to construct any data and ask you to sign it through eth_sign.

“This type of phishing can be very confusing, especially when it comes to authorization.”

5) Same ending number transfer scam

In this scam, attackers airdrop small amounts of tokens, such as 0.01 USDT or 0.001 USDT, to victims with similar addresses except for the last few digits. The goal is to trick users into accidentally copying the wrong address from their transfer history.

The rest of the 2022 report covered other blockchain security incidents over the year, including contract vulnerabilities and private key leakage.
