Cryptocurrency scams are escalating, exposing users to increasing risks. One case resulted in a loss of over $1.23 million on Uniswap.
The Scam Incident
A DeFi user reportedly lost over $1.23 million in Uniswap NFTs after signing a malicious transaction on a phishing website. The user was deceived by a phishing platform mimicking the legitimate Uniswap site.
Operation of Phishing Sites
According to Scam Sniffer, the user accessed a phishing site that appeared to be a legitimate Uniswap resource. The user signed a malicious transaction that included a line allowing auto-approval for future transfers, enabling the attackers to access all NFTs on Uniswap V3.
Google's Role in Fraud Propagation
Phishing sites are widely employed by scammers, especially using Google Ads. Attackers utilize Punycode URLs, rendering their addresses nearly identical to legitimate ones. Users only need to sign a malicious smart contract to give the scammers access to their assets. Despite the scale of the issue, Google seems to inadequately verify its advertisers.
The instance of losing over $1.23 million highlights the growing issue of fraud in the cryptocurrency space and the insufficient user protection against such attacks. The importance of vigilance and caution is becoming increasingly crucial.
