Crypto Scams and the Approval Phishing Technique: Insights from Chainalysis
Approval phishing, a growing technique in crypto scams, has been identified by Eric Jardine, Cybercrime Research Lead at Chainalysis. In 2023 alone, hackers stole cryptocurrency worth $374 million, a decrease from the estimated $516.8 million in 2022.
Approval phishing involves scammers gaining complete access to victims’ wallets by tricking them into signing fraudulent blockchain transactions. This technique is commonly used in romance scams and takes advantage of users’ familiarity with approving requests on decentralized applications (dApps).
“Although the approvals granted to dApps are generally secure, scammers take advantage of the fact that many users are accustomed to accepting this type of request. What differentiates a safe operation from a riskier one is the level of authorization granted and the reliability of the recipient of such authorization.”
Crypto Scam and Explanations on Approval Phishing from Chainalysis
Approval phishing involves scammers establishing personal relationships with victims to gain their trust before convincing them to sign fraudulent transactions. This personalized approach makes it challenging to track and verify these transactions on the blockchain.
Chainalysis suggests that educating users is crucial in combating this type of scam. Monitoring suspicious wallets on centralized exchanges can help identify scammers who cash out. Compliance teams can freeze funds or report them to law enforcement.
“In a broader sense, the industry can work to educate users about the level of access they grant every time they approve a transaction, reiterating the importance of not accepting such requests unless there is absolute trust in the person or company they are dealing with.”
The Phishing Attack on Vitalik Buterin’s X Account
In addition to approval phishing, email phishing remains a common technique. One notable incident occurred in September 2023 when scammers targeted Vitalik Buterin’s X account, co-founder of Ethereum, and stole $700,000 from users.
The scammers used Buterin’s compromised account to promote a fake commemorative NFT coin and enticed users to mint these NFTs with a limited-time offer. Through the “Pink drainer software” tool, victims who clicked on the phishing website link unknowingly fell victim to the scam.
Hot Take: The Growing Threat of Approval Phishing in Crypto Scams
Approval phishing is a rapidly growing technique used by scammers in crypto scams. By exploiting users’ familiarity with approving requests on dApps, scammers gain complete access to victims’ wallets. This personalized approach, often seen in romance scams, makes it difficult to track and verify fraudulent transactions on the blockchain.
To combat approval phishing, Chainalysis emphasizes the importance of educating users about granting access and trusting recipients. Monitoring suspicious wallets on centralized exchanges can help identify scammers and take appropriate action. However, user awareness and caution remain crucial in preventing falling victim to these scams.
By
By
By
By