Recent data from Google Ads and blockchain analytics has shown that malicious phishing websites promoted on Google have resulted in users losing over 4 million USD. These fraudulent websites are advertised on Google and lead to fake sites that prompt users to log in and compromise their wallet addresses.

Scammers have targeted several decentralized finance protocols, websites, and brands such as Zapper.fi, Lido, and Stargate, among others. The URLs of these fraudulent websites have slight differences that make it challenging for users to detect that they have clicked on malicious links.

Scammers have been found to be located in Canada and Ukraine, and they use various methods, including manipulating Google’s Click ID parameter, to bypass the ad review process.

ScamSniffer has identified malicious adverts that redirect users to fraudulent websites that prompt wallet login signature requests, thereby compromising users’ addresses. Scammers have used various methods to bypass Google’s ad review process, including manipulating the Google Click ID parameter and using anti-debugging methods to redirect users with developer tools.

ScamSniffer has followed on-chain flows of funds to exchanges and mixing services, including SimpleSwap, Tornado Cash, KuCoin, and Binance. These phishing attacks appear to be profitable, with a conversion rate of 40% from 7,500 users clicking on malicious ads, generating a return on investment of 276%.

A report from Kaspersky revealed a 40% increase in crypto-related phishing attacks in 2022, with over 5 million phishing attacks identified last year.

Sources:

https://www.investing.com/news/cryptocurrency-news/google-ads-data-4m-stolen-through-crypto-phishing-urls-3066144

https://cointelegraph.com/news/google-ads-data-4m-stolen-through-crypto-phishing-urls

https://bitcoinist.com/crypto-scammers-stole-4m-google-ads/

https://blockchain.news/news/google-ads-used-in-4m-crypto-phishing-scam