Join +750K new investors every month who copy stock picks from billionaire's portfoliosSign Up Free

Beware of crypto scams: $374 million 'stolen' this year

Published 18/12/2023, 11:38
© Reuters.
ETH/USD
-

Investing.com - With 2023 coming to a close, Chainalysis, the blockchain data platform, today announced the results of its research into phishing scams over the past year. This technique, in which fraudsters trick their victims into signing a blockchain transaction that allows them to spend specific tokens within the victim's wallet, led to thefts of at least $374 million over the course of 2023. While this figure is significant, it is a 27% drop from the $516.8m stolen in 2022 with this type of scam.

Chainalysis experts believe that the success of phishing can be attributed to the fact that many decentralised applications (dApps) on smart contract-enabled blockchains, such as Ethereum, require users to sign approvals to give the dApps' smart contracts permission to move funds from the user's address. "While approvals granted to protect dApps are generally secure, criminals can take advantage of the fact that many cryptocurrency users are accustomed to approving transaction approvals. The key difference is in what kind of permissions are given, and the trustworthiness of the party receiving that permission," explained Eric Jardine, Cybercrime Research Lead at Chainalysis.

The research also suggests that these criminals are increasingly targeting specific victims, building relationships with them and using tactics related to romance scams to convince them to sign approvals. This also raises concern about the volume of funds scammed using this method, which could be significantly higher than the $1bn detected by Chainalysis since May 2021, given that romance scams are often personalised, difficult to verify on the blockchain and under-reported.

Interestingly, like many other cryptocurrency crimes, the vast majority of phishing thefts are driven by certain highly successful groups. Of the 1,013 addresses Chainalysis detected in this type of scam, it appears that the most successful phishing address likely stole $44.3 million from thousands of victim addresses, accounting for 4.4% of the total. The top ten phishing addresses combined accounted for 15.9% of all value stolen, while the top 73 accounted for half of all value stolen in the period analysed.

Regarding how the cryptocurrency industry can address this problem, Chainalysis highlights the need to educate users and employ pattern recognition practices. "Given that these fraudsters generally withdraw money using centralised exchanges, compliance teams at these service providers could monitor the blockchain for suspicious phishing consolidation wallets with strong exposure to target addresses. They could then see in real time when funds move onto their platform and take action, such as automatically freezing funds or informing law enforcement," Jardine explained.

"More generally, the industry can work on educating users not to sign approvals on transactions unless they are absolutely sure that they trust the person or company they are in contact with, or that they understand the level of access they are granting," Jardine concludes.

Translated from Spanish using DeepL.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.