Phishing attacks within the crypto industry decreased by 46% to $38 million in April, marking the lowest amount recorded this year, according to the security firm Scam Sniffer. Notably, this decline aligns with CertiK’s findings, indicating that crypto-related exploits and scams reached a historic low of $25.7 million in April.
April’s Phishing Attack Insights
According to Scam Sniffer’s analysis, the Coinbase-backed Ethereum layer-2 network Base experienced a notable surge of 145% to $8.2 million in phishing incidents during the past month. Interestingly, two of the top 10 largest single thefts occurred on this chain, constituting 21% of the month’s total theft.
ERC-20 tokens faced the brunt of these attacks, with a staggering 88% of the stolen assets belonging to this class.
Tools and Tactics Employed by Attackers
Scam Sniffer has pinpointed fake accounts on the social media platform X (previously known as Twitter) as the primary tool utilized by scammers. These attackers impersonated prominent projects like Renzo, Avail, Ether.fi, Wormhole, and Omni. These fake accounts often displayed counterfeit verification marks, giving them an appearance of authenticity that was exploited to lure unsuspecting users.
Using these fake accounts, the attackers posted deceptive comments on social media platforms to redirect unsuspecting individuals to malicious sites where their assets could be stolen.
Additionally, the attackers frequently used phishing signatures such as Permit, IncreaseAllowance, and Uniswap Permit2. These malicious signatures enabled the attackers to access their victims' funds without the victims' knowledge.
Scam Sniffer further added that despite wallets increasing phishing alerts for certain signatures, wallet drainers are actively finding ways to circumvent these alerts by using legitimate contracts like Disperse and Uniswap Multicall, along with variants of value normalization.
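The kind of wallet-side alert mentioned above can be sketched as a check on the EIP-712 payload a site asks the user to sign. This is an added example, not code from Scam Sniffer or any wallet; it covers only EIP-2612 Permit and Uniswap Permit2 allowance messages, and the function name, the allowlist, the 30-day threshold, and the sample request are all assumptions made for illustration.

```javascript
// Added example: classify an eth_signTypedData_v4 payload before the user signs it.
const MAX_UINT256 = (1n << 256n) - 1n;
const MAX_UINT160 = (1n << 160n) - 1n; // Permit2 allowance amounts are uint160
const LONG_LIVED_SECS = 30n * 86400n;  // assumed policy threshold: 30 days

// Field extractors keyed by EIP-712 primaryType (EIP-2612 Permit, Uniswap Permit2).
const EXTRACTORS = {
  Permit: (m) => ({ cap: MAX_UINT256, grants: [{ amount: m.value, until: m.deadline }] }),
  PermitSingle: (m) => ({ cap: MAX_UINT160,
    grants: [{ amount: m.details.amount, until: m.details.expiration }] }),
  PermitBatch: (m) => ({ cap: MAX_UINT160,
    grants: m.details.map((d) => ({ amount: d.amount, until: d.expiration })) }),
};

// trustedSpenders: lower-case addresses the wallet already trusts (hypothetical allowlist).
function assessSignRequest(typedData, nowSec, trustedSpenders = new Set()) {
  const extract = EXTRACTORS[typedData.primaryType];
  if (!extract) return { approval: false, spender: null, findings: [] };
  const msg = typedData.message;
  const { cap, grants } = extract(msg);
  const findings = new Set();
  if (!trustedSpenders.has(String(msg.spender).toLowerCase())) findings.add("UNKNOWN_SPENDER");
  for (const g of grants) {
    if (BigInt(g.amount) >= cap) findings.add("UNLIMITED_AMOUNT");
    if (BigInt(g.until) - BigInt(nowSec) > LONG_LIVED_SECS) findings.add("LONG_LIVED");
  }
  return { approval: true, spender: msg.spender, findings: [...findings].sort() };
}

// Constructed sample request; every address and number is a placeholder.
const SAMPLE_REQUEST = {
  primaryType: "Permit",
  domain: { name: "ExampleToken", chainId: 8453 },
  message: {
    owner: "0x1111111111111111111111111111111111111111",
    spender: "0x2222222222222222222222222222222222222222",
    value: MAX_UINT256.toString(),
    nonce: "0",
    deadline: "4102444800",
  },
};

console.log(assessSignRequest(SAMPLE_REQUEST, 1714521600));
```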