Blockchain security company Forta Network has revealed that scammers generated over 7,900 blockchain wallets in May as part of their efforts to steal cryptocurrencies. The company operates a network of bots that detect scams across various blockchains, including Ethereum and Binance Smart Chain. This article explores the types of attacks employed by scammers and emphasizes the importance of transaction hygiene in safeguarding cryptocurrency assets.
Types of Attacks
Forta Network identified several types of scams used by attackers to exploit unsuspecting users:
- Ice Phishing: The most prevalent form of attack, accounting for 55.8% of incidents, involves tricking victims into signing malicious blockchain transactions. This grants access to their wallets, allowing attackers to steal their funds. Victims are often lured onto phishing websites designed to mimic legitimate crypto services.
- Social Engineering: Scammers rely on social engineering techniques to obtain users’ personal information or trick them into revealing passwords or seed phrases. Users are directed to fraudulent websites that prompt them to connect their wallets, resulting in unauthorized transactions and subsequent loss of funds.
- Exploiting Decentralized Applications (dApps): Attackers deceive users into interacting with various dApps, including decentralized exchanges (DEXs). By creating an illusion of lucrative opportunities, scammers exploit users’ fear of missing out (FOMO). Victims unwittingly approve token approval transactions, surrendering control over their assets to attackers.
NFT Exploitation and Address Poisoning
Forta Network observed scammers targeting traders of non-fungible tokens (NFTs) by exploiting vulnerabilities in NFT infrastructure. In one technique, scammers trick users into approving transactions that sell their valuable NFT holdings at significantly reduced prices. Additionally, attackers employ “address poisoning” by sending small transactions to victims’ wallets with fraudulent addresses. This aims to confuse victims, who may inadvertently copy and paste the malicious address during subsequent transactions.
Preventing Crypto Wallets Scams
To protect against such scams, users are advised to exercise caution and practice good transaction hygiene. It is crucial to verify the addresses and websites with which wallets interact. MetaMask, a popular Ethereum wallet, emphasizes that users hold ultimate responsibility for their actions and should fully understand the transactions they confirm. Wallets with built-in security features can provide an added layer of protection.
As scammers become more sophisticated, the number of blockchain wallet scams continues to rise. Forta Network’s report highlights the prevalence of attacks and the need for increased vigilance among cryptocurrency users. By staying informed, adopting best practices, and leveraging security features in wallets, users can better protect their assets in the evolving landscape of blockchain-based scams.