Crypto Phishing Impersonates Reputable Sites To Scam Users

Key Points:

• Scammers exploit fake emails from major Web3 firms, stealing over $580,000.
• ZachXBT flags multichain addresses, while Cointelegraph confirms crypto phishing and warns users.
• Phishing extends to Web3 SocialFi and De.Fi app users.

In a series of sophisticated crypto phishing attacks, scammers have successfully stolen over $580,000 from unsuspecting victims, employing email addresses mimicking major Web3 companies such as Cointelegraph, WalletConnect, and Token Terminal.

Read more: How to Avoid Cryptographic Phishing Attacks?

ZachXBT, a cryptocurrency investigator, raised the alarm by identifying a multichain address linked to the ongoing crypto phishing scheme, which has been accumulating stolen cryptocurrency since the delivery of the deceptive emails. The wallet comprises 280 different cryptocurrency tokens, with 86% of its portfolio consisting of Ether, totaling 227 ETH at the latest count.

Cointelegraph responded to user inquiries about purported airdrop announcements, clarifying that they did not initiate any airdrops. The news outlet confirmed the emails as fraudulent “phishing” attempts, cautioning users against clicking on links or engaging with individuals claiming affiliation with the Cointelegraph team to prevent potential asset losses.

Crypto phishing attacks, a prevalent method of stealing cryptocurrency, involve tricking users into divulging sensitive information. A notorious piece of malware named “Wallet Drainner” is often employed by hackers, automatically siphoning assets from crypto wallets when users access fake links on websites or social media platforms like Discord, Twitter, and Google search results.

The scammers have extended their reach to users of Web3 SocialFi and the antivirus app De.Fi, promoting a launchpad launch via email and offering a link to a fake airdrop.

Additionally, a bogus announcement for a Token Terminal beta launch, complete with a claim button for a fictitious airdrop, is circulating as part of the ongoing phishing campaign. Crypto users are advised to exercise caution and refrain from engaging with suspicious emails and links to safeguard their assets.