Crypto phishing scam drains $600,000 from users tricked by fake airdrops
Scammers used fake airdrop campaigns and trustworthy crypto brands to lure victims.
Share this article
A massive phishing scam stole almost $600,000 in almost 10 hours today, according to the pseudonymous on-chain detective ZachXBT. After amassing the six-figure amount, the scammer sent around $520,000 in Ether (ETH) to Railgun’s mixer, blockchain analytics firm Nansen pointed out a few hours later.
Community Alert: Phishing emails are currently being sent out that appear to be from CoinTelegraph, Wallet Connect, Token Terminal and DeFi team emails.
~$580K has been stolen so far
— ZachXBT (@zachxbt) January 23, 2024
Phishing is a type of scam where bad agents mimic the websites of trustworthy firms to lure users into giving their personal information. In this case, the scammer sent emails posing as Cointelegraph, Token Terminal, Wallet Connect, and De.Fi.
Nansen data shows that the scammer left more than $80,000 in the address where the stolen funds were sent. Funds are distributed across around 280 different tokens.
All phishing emails had one thing in common: fake airdrop campaigns. Following the JITO token airdrop, which paid $10,000 on average to users of Solana’s liquid staking protocol, the crypto community has been on a rampage hunting for those rewards directed to early adopters.
Google Trends data shows that searches for ‘crypto airdrop’ jumped from 25 out of 100 points in October 2023 to 81 points as of Jan. 19. The searches peaked at 100 points on two occasions during this time frame.
In another security incident within the last 24 hours, Nois’ X (formerly Twitter) account was breached. Nois is a layer-1 blockchain built in Cosmos’ ecosystem dedicated to generating true randomness on-chain. After its X account was hacked, the bad agents published a link to a fake airdrop. Until the time of writing, the Nois team didn’t reveal how much was stolen from users.