Privacy-oriented DuckDuckG search engine displays phishing websites when users search for “Etherscan,” a prominent Ethereum block explorer and analytics platform.
On September 11, Scam Sniffer, an anti-scam firm on the Web3, warned DuckDuckGo users of an ongoing phishing attempt that was explicitly targeting Ether investors.
The phishing websites that imitate Etherscan prompt users to join their MetaMask wallets, a process similar to that of the official Etherscan website.
Verifying URLs before connecting crypto accounts
The user permits the hacker to extract funds from their wallet without additional authorization by unknowingly approving the connection requests.
Additionally, attackers endeavor to elevate fraudulent phishing websites to the top of other prominent search engines, including Google and Bing.
Although some individuals may deceive search algorithms to achieve an organic ranking, others prefer to attract victims by utilizing sponsored banner ads.
Scam Sniffer recently reported on a recent incident on September 10 in which a user inadvertently signed a phishing signature, resulting in the loss of over $520,000 in cryptocurrencies.
According to the investigation firm, crypto phishing schemes resulted in approximately $63 million in losses for more than 9,100 victims in August.
In a year, losses from phishing attacks increase by 215%.
In Dai, a phishing attack resulted in the loss of $55 million by one victim. Even though the number of victims decreased compared to 2023, the quantity of stolen goods increased by 215%.
Consult Cointelegraph’s guide on phishing attacks and how to prevent them.
In July, the blockchain security firm SlowMist issued an alert regarding a significant fraud attack on the Telegram-linked blockchain platform The Open Network (TON).
By Yu Xian, the founder of SlowMist:
“The Telegram ecosystem is too free, and many phishing links — or bot forms — are spread through message groups, airdrops and other deceptive methods to lure away users’ TON wallets in batches.”
According to Xian, users who establish Telegram accounts that are not associated with SIM cards are more likely to fall victim to fraudulent attacks.