A new Google ad scam is stealing crypto wallets, a new study by Check Point Research (CPR) warns. A new scam resulted in the theft of millions of dollars worth of cryptocurrency last weekend. According to the report, scammers placed ads at the top of Google searches impersonating popular wallet brands such as Phantom and Metamask, forcing users to leave their passwords and personal wallets for the wallets. Checkpoint Research estimates that within days, $500,000 worth of cryptocurrency (about 3.72 rupees) was stolen.
In a new blog post, Checkpoint Research explains that attackers use Google search as an attack vector to attack victims’ crypto wallets. Scammers have been found to have stolen millions of dollars in cryptocurrency from their wallets. To impersonate their victims by impersonating popular wallets and platforms like Phantom App, Metamask, and Pancake Swap, scammers place Google ads at the top of Google searches. Each ad contains a malicious link which, when clicked, takes the victim to a phishing website that copies the brand and message of the real wallet website. From here, the scammers trick their victims into giving out their wallet passwords and pave the way for wallet theft.
Checkpoint Research has asked the crypto community to remain vigilant. The official domain “phantom.app” has many types of phishing like phanton.app or phantonn.app or various extensions like “.pw” and many others. According to the report, 11 compromised accounts were found in the wallets, which each contained between $1,000 (approximately rupees 74,400 rupees) and US$10,000 (approximately 7,740,000 rupees) worth of cryptocurrency. Checkpoint Research estimates that $500,000 (approximately Rs. 372 lakh) was stolen last weekend.
To protect crypto wallets from phishing sites, users should check the browser URL and look for the extension icon. It is recommended that you do not share your password with anyone. It is also recommended to exclude ads from Google searches and always choose the first site in the results.