Phishing scams targeting the cryptocurrency community have taken a troubling turn as scammers have begun to clone websites of prominent crypto media outlets like Blockworks and Ethereum blockchain scanner Etherscan. Their objective is to trick unsuspecting readers into connecting their cryptocurrency wallets to malicious sites, further complicating the already challenging landscape of cryptocurrency security.
Scammers create fake Blockworks and Etherscan websites
The scammers’ approach involves creating counterfeit versions of well-known cryptocurrency-related websites to lend an air of legitimacy to their operations. In one notable case, a fake Blockworks website emerged, featuring a fabricated “BREAKING” news report that claimed a multimillion-dollar “approvals exploit” had occurred on the decentralized exchange Uniswap. This fictitious article encouraged visitors to the site to access a counterfeit Etherscan website to revoke approvals.
The scam expanded its reach as the fake Uniswap news article was shared on Reddit across various popular crypto-related subreddits, often through compromised Reddit accounts. This tactic aimed to cast a wider net and create an illusion of credibility to lure even more victims into the scheme. The counterfeit Etherscan website was designed to appear as a token and smart contract approval checker, but beneath this facade lay a devious wallet-draining operation.
Unsuspecting users, who believed they were engaging with a legitimate service, fell victim to the scammers’ malicious intentions. A deeper analysis of the scam revealed the tactics employed by the scammers. Beosin, a blockchain security firm, scrutinized the smart contract used in the wallet-draining operation. According to their assessment, the attacker aimed to drain wallets holding at least 0.1 Ethereum, an amount valued at approximately $180. However, the execution of the drainer was flawed as it failed to initiate phishing transactions after connecting to a user’s wallet, exposing the inadequacies in the scam’s setup.
A closer look at the domain registration dates indicated that the scammers were well-prepared and coordinated. The fake Etherscan site, approvalscan.io, was registered on October 25th, followed by the fake Blockworks site, blockworks.media, a day later. This level of planning suggests a deliberate and orchestrated effort to launch their deceptive campaign. The appearance of such cloned websites is not an isolated incident.
Security vigilance in a dynamic crypto landscape
On October 25th, the Web3 anti-scam platform, Scam Sniffer, unveiled another case in which scammers had deployed a wallet-draining operation on a website mimicking the reputable crypto news outlet, Decrypt. While there are similarities between these scams, it is important to note that the scammers responsible for the fake Blockworks and Decrypt sites are separate entities with distinct fraudulent agendas. The emergence of these cloned websites underscores the importance of increased vigilance within the cryptocurrency community.
Users are urged to exercise caution when accessing cryptocurrency-related platforms and to be particularly mindful of websites requesting access to their wallets. In the rapidly evolving and expanding cryptocurrency landscape, scammers continuously adapt their tactics. Therefore, staying well-informed and practicing robust security measures is essential. One key defense against falling victim to such scams is verifying the authenticity of websites, particularly when receiving information that appears sensational or too good to be true.
Authenticating information by cross-referencing with multiple trusted sources can help users avoid falling into the trap of these deceptive schemes. Educational efforts within the cryptocurrency community are vital, and industry stakeholders must work collaboratively to raise awareness about potential threats and promote best practices for security. Additionally, individuals are encouraged to employ the use of hardware wallets and multi-factor authentication to enhance their cryptocurrency security.
The emergence of scammers cloning cryptocurrency-related websites is a worrisome development in the ongoing battle against phishing scams. These deceptive tactics highlight the need for users to be vigilant and cautious in the cryptocurrency space. As the cryptocurrency ecosystem continues to evolve, security awareness and education will remain crucial to safeguarding assets and maintaining trust within the community.