Check Point Research observed hundreds of thousands of dollars worth of crypto stolen from wallets by scammers. To lure their victims, scammers placed Google Ads at the top of Google Search that imitated popular wallets and platforms, such as Phantom App, MetaMask and Pancake Swap.
Advertisement contained a malicious link that, once clicked, directed a victim into a phishing website that copied the brand and messaging of the original wallet website. Scammers tricked their victims into giving up their wallet passwords, setting the stage for wallet theft.
A new trend emerged where, multiple scamming groups are now bidding for wallet-related keywords on Google Ads, using Google Search as an attack vector to target victims’ crypto wallets.
- Scammer places a Google Ad to appear first on a search query related to a crypto wallet
- Victim clicks on malicious link in Google Ad
- Victim is navigated to a phishing website that…
View original post 141 more words