Crypto Thieves Exploit Targeted Approval Phishing, Siphoning Off $374M in 2023, says Chainalysis Report
Summary:
Cryptocurrency thieves are evolving their strategies, resorting to a method known as targeted approval phishing, according to a report by on-chain analytics firm Chainalysis. This trick involves duping victims into signing transactions that allow scammers to access their cryptocurrency wallets and withdraw their funds. The report suggests the technique, which has seen significant growth over the past two years, may have accounted for at least $374 million in stolen crypto in 2023. The scam, commonly called pig-butchering, often starts on dating sites where the scammer builds trust with their victim over time, eventually persuading them into fake investments.
Smooth-talking fraudsters who specialize in crypto theft have discovered a new method known as targeted approval phishing. Chainalysis, a firm specializing in on-chain analytics, highlighted this technique in their Dec. 14 report, noting its significant increase over the past two years. The report estimates that crypto worth $374 million was probably stolen in 2023 using this technique. In targeted approval phishing, scammers deceive victims into authorizing transactions that grant them access to their virtual wallets, thereby making it easier to siphon off funds. According to Chainalysis, this method has gained popularity among pig-butchering swindlers, scam artists who befriend their victims on dating websites before luring them into sham investment opportunities. The term 'pig-butchering’ is an analogy for fattening up a target by extracting as many funds as possible before making a swift exit.
Eric Jardine, the cybercrimes research lead at Chainalysis, told Cointelegraph that the shift towards approval phishing represents a change in tactics for crypto pig-butchering con artists. He highlighted that these scams typically played out over a longer period, with the scammer gradually introducing a seemingly successful crypto investment site, convincing the target to invest heavily. The scammer would then disappear once the victim became suspicious, or they believed they had plundered the victim's resources. Conversely, this new method focuses on persuading victims to authorize a transaction that enables the scammer to drain their funds.
Taylor Monahan, MetaMask's lead product manager, discovered over a thousand addresses associated with targeted approval phishing scams. These scams have allegedly stolen an estimated $1 billion from victims since May 2021. However, Chainalysis suggests the actual figure might be considerably higher as romance scams are typically underreported. The report additionally reveals that one address, purportedly associated with approval phishing scams, appears to have made a profit of $44.3 million from thousands of victims. The firm's research indicates that the top 10 approval phishing addresses can collectively account for nearly 16% of the total value stolen during the time period studied. To conclude the report, Chainalysis suggests that educating users not to authorize any transactions until they are confident they trust the recipient could be an effective safeguard.
Published At
12/14/2023 5:00:00 PM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.