Nikolas Sargeant
Counterfeit accounts on platform X led to the victimization of more than 57,000 users in February's surge of crypto phishing scams, resulting in losses exceeding $46.8 million, according to the latest report from Scam Sniffer. The report highlights that most victims were ensnared by phishing comments from imposter Twitter accounts.
Scam Sniffer's findings reveal that the Ethereum mainnet witnessed 78% of the total thefts, predominantly targeting ERC-20 tokens, which accounted for 86% of all pilfered assets. Notably, Ethereum token thefts were predominantly linked to users approving phishing signatures and transactions, such as Permit, IncreaseAllowance, and Uniswap Permit2.
The report notes a shift among wallet drainers towards employing account abstraction wallets as token approval spenders, leveraging enhanced functionality and smart contract compatibility.
Despite a higher number of phishing victims compared to January, February experienced a decrease in the total stolen amount from the first month of the year. Moreover, there was a significant reduction in the number of victims losing over $1 million.
Scammers continue to exploit social media accounts of high-profile figures, employing tactics like creating fake accounts or hacking genuine ones to post phishing links. MicroStrategy's X account suffered a breach in February, resulting in the theft of approximately $440,000 in crypto.
Notably, accounts of prominent entities like Compound Finance, Rocket Pool, Blockchain Capital, and even Vitalik Buterin have fallen victim to crypto phishers in recent months.
A December report by Cointelegraph highlighted the rising trend of "approval phishing" methods employed by crypto scammers to steal funds, where victims unknowingly sign transactions granting scammers access to their wallets.
A United States Federal Bureau of Investigation report also indicates that Millennials are particularly vulnerable to falling victim to investment fraud.
