JAKARTA - Data from Google Ads combined with blockchain analysis reveals that more than $4 million has been stolen from users who fell for malicious phishing sites promoted on Google.
According to Web3 anti-fraud service provider Scam Sniffer, malicious ads for phishing sites have been widespread in Google ad searches in recent weeks. The ad URLs lead to fake websites that prompt for wallet login requests, which compromise the user's address.
A number of decentralized protocols, websites, and financial brands, including Zapper.fi, Lido, Stargate, DefiLlama, Orbiter Finance, and Radiant, have become targets of fraud. Small changes to the official URL make it difficult for users to identify that they have clicked on malicious links.
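A defender-side check for the lookalike URLs described above, as an added example that is not part of the original report. The allowlist is an assumption (only Zapper.fi appears as a domain in the article), the sample URLs are constructed, and taking the last two host labels as the registrable domain is a simplification.

```python
import re
from urllib.parse import urlsplit

# Assumed allowlist: only Zapper.fi is written out as a domain in the article;
# the other two entries are assumptions for illustration.
OFFICIAL = ("zapper.fi", "lido.fi", "defillama.com")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, keeping only the previous row in memory."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url: str, max_distance: int = 2):
    """Return (verdict, matched_official_domain_or_None) for a clicked URL."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return ("invalid", None)
    # Exact domain or a genuine subdomain of an allowlisted domain.
    for dom in OFFICIAL:
        if host == dom or host.endswith("." + dom):
            return ("official", dom)
    labels = host.split(".")
    # Punycode or raw non-ASCII labels can hide homoglyph substitutions.
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        return ("suspicious-idn", None)
    # Small edits to the official name (added, dropped or swapped characters).
    candidate = ".".join(labels[-2:])
    best = min(OFFICIAL, key=lambda d: edit_distance(candidate, d))
    if edit_distance(candidate, best) <= max_distance:
        return ("lookalike", best)
    # Brand name reused as a label or hyphen-separated token of another domain.
    tokens = set(re.split(r"[.-]", host))
    for dom in OFFICIAL:
        if dom.split(".")[0] in tokens:
            return ("lookalike", dom)
    return ("unknown", None)

# Constructed sample URLs; none are taken from the report.
SAMPLES = ["https://app.zapper.fi/", "https://zaapper.fi/?gclid=abc",
           "https://defi1lama.com/", "https://zapper.fi.wallet-login.example/"]

if __name__ == "__main__":
    for u in SAMPLES:
        print(u, classify(u))
```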
Metadata analysis of several of the phishing sites in question links them to advertisers located in Ukraine and Canada. Those responsible for placing these malicious ads use a number of methods to bypass Google's ad review process. These include manipulating Google Click ID parameters, which allows attackers to display normal web pages during Google ad review.
Other malicious ads use anti-debugging methods: visitors who have developer tools enabled are redirected to a normal website, whereas direct clicks lead users to the malicious website. This also allows scammers to evade some of Google's automated ad reviews.
An analysis of on-chain data for addresses in the Scam Sniffer database that are linked to malicious websites advertised on Google shows that 4.16 million US dollars (Rp62.2 billion) has been stolen from more than 3,000 users over the past month.
The anti-fraud service traced the flow of funds to various exchanges and mixing services, including SimpleSwap, Tornado Cash, KuCoin, and Binance.
Using an advertising analysis platform, Scam Sniffer shows that paying to promote crypto-related phishing websites is very profitable. The average cost per click for the associated keywords is between 1 and 2 US dollars.
Estimating a conversion rate of 40% among the 7,500 users who clicked on malicious ads, fraudsters have spent about $1,500 on advertising, which has yielded a return on investment of 276%, given the 4 million dollars stolen to date.
A report from Russia's cybersecurity and antivirus provider, Kaspersky, showed an increase in crypto-related phishing attacks in 2022, up 40% year on year, with more than 5 million phishing attacks identified last year.