Thursday, November 14, 2024

Over $580,000 Drained in Phishing Scams Targeting Web3 Firms – What’s Going On?

Author: CoinSense

About $580,000 has been drained following a calculated phishing campaign targeting at least four web3 firms’ email addresses.

Digital asset scam detective, ZackXBT commented on the developments on X (formerly Twitter). He flagged several emails sent out in a calculated attempt to appear to be from web3 firms including WalletConnect, Token Terminal, CoinTelegraph, and DeFi.

The phishing emails sent from accounts that resemble those of the companies contained fake links. The links lured users mostly in anticipation of community airdrops leading to asset losses of half a million dollars.

The address 0xe7D13137923142A0424771E1778865b88752B3c7 was flagged by the investigator adding that approximately $580,000 has been stolen so far. The platforms impersonated in the emails quickly released statements warning users not to interact with those links.

Token Terminal and Wallet Connect targeted

On Jan 23, bad actors targeted Token Terminal claiming to be rolling out an early access airdrop with a link that led to the scammers gaining assets to user funds.

We are on the verge of unveiling the better version of Token Terminal and we want you to be among the first to Explore its unique features and capabilities. To express our gratitude for your continued support we’ve decided to celebrate this milestone With a special airdrop exclusively for our community members.” 

The platform immediately sent out a disclaimer on X that it is not real and will open an investigation following up with the community shortly.

WalletConnect’s scenario also follows a similar pattern with claims of a rare opportunity to join something extraordinary to elevate their cryptocurrency experience to new heights.

The platform notified users of the scammers’ plot urging users not to interact with the phishing links to claim an airdrop adding that it would conduct an investigation.

We can confirm that this email was not issued directly from WalletConnect or any WalletConnect affiliates and that the link appears to lead to a malicious site. We are working with @blockaid_ to investigate further.” 

De.Fi users were hit with the same email pattern claiming to reward users towards their decentralization journey stating that the future of DeFi is in the hands of the community.

We have identified suspicious activity associated with our [email protected] email. Please do not interact with this email address until further updates! Our team is currently working on resolving all issues.” 

Phishing Incidents Rampage the Crypto Space

Last year, wallet drainers exploited over $300 million from about 324,000 victims through phishing scams raising broader concerns about the safety of the digital asset community.

Cryptonews published a ScamSniffers report on the growing rate of phishing scams that target official social media accounts of crypto companies and personalities to spread compromised links.