- ETH accounted for more than three-quarters of the losses.
- Microstrategy’s X account hack remained a big talking point.
Hackers stole nearly $47 million through crypto phishing scams in February, with the majority of users falling victim to bogus X (formerly Twitter) accounts.
According to Web3 anti-scam platform Scam Sniffer, the number of phishing victims surpassed 57,000 during the month, marking a significant 40% jump from January.
However, the overall amount lost in these attacks dropped by 14.5%.
Ethereum and ERC-20 are the biggest losers
Leading decentralized finance (DeFi) chain Ethereum [ETH] accounted for more than three-quarters of the losses, followed by layer-2 (L2) network Arbitrum [ARB] with a share of 7.4%.
As a result, it was unsurprising that ERC20 tokens accounted for 86% of the stolen assets.
Fake accounts deceive users
The biggest takeaway from the report was the extent of damage caused by fake social media accounts.
Scam Sniffer shared a picture highlighting how phishers deceived users by impersonating X accounts of major crypto projects.
One of the oldest tricks in cybercrime, phishing involves masquerading as a legitimate entity, only to steal sensitive information from unsuspecting users.
In the crypto realm, trickery is employed to extract users’ private keys. These are then used to gain access to their wallets and subsequently drain them.
The growing menace
Scam Sniffer previously reported losses of nearly $300 million due to crypto phishing scams in 2023. More than 320,000 users fell victim to such fraudulent campaigns during the year.
Of late, a new modus operandi has emerged wherein the user is enticed to click on “airdrop claim” links. Well, these are nothing but links to wallet drainer sites.
Prominent Bitcoin [BTC] whale MicroStrategy’s X account was hacked last month to post a phishing airdrop link.
Before this, email services of top Web3 companies like Token Terminal were compromised and used to send airdrop claim links. Both these incidents resulted in a substantial loss of funds.
While scammers are using sophisticated techniques to imitate the original entity, be on the lookout to spot errors like typos, content misalignment, and incorrect grammar.