Approval phishing scams ‘a much bigger problem’ than first thought

As a seasoned researcher with years of experience under my belt, I’ve witnessed the evolution of cybercrime and its relentless attempts to outsmart legitimate users. The recent surge in approval phishing attacks has left me both alarmed and amused – alarmed at the potential financial devastation these scams can inflict on unsuspecting victims, and amused by the sheer audacity of criminals who think they can pull a fast one during a bull market.


Beginning from May 2021, an astounding sum of $2.7 billion has been swindled due to approval phishing scams, with a global operation ultimately exposing a single individual caught in the act of falling prey to such fraud.

A widespread operation has been launched to thwart cybercriminals engaged in “approval phishing.”

As per Chainalysis’ findings, these types of attacks typically trick innocent users into approving harmful blockchain transactions, frequently done using counterfeit cryptocurrency applications.

Upon its completion, these tokens within a scammer’s wallet could be freely spent, posing a potential risk of depleting an individual’s life savings under specific situations. As a researcher studying this issue, I am deeply concerned about the implications this might have on vulnerable users.

Approval phishing scams ‘a much bigger problem’ than first thought

In September 2023, a highly publicized event resulted in an individual unfortunately forfeiting a massive 24.23 million dollars worth of Ethereum they had deposited in their digital wallet.

Beginning from May 2021, an astounding sum of $2.7 billion has been swindled through phishing scams that target approval processes. This blockchain analysis company emphasizes that the issue is far more extensive than previously understood.

In my own words, as a crypto investor, I’m keeping a close eye on the latest developments from Chainalysis. They’ve just initiated “Operation Spincaster,” an effort designed to spot compromised wallets swiftly, preventing potential losses for us in the community before any significant harm occurs.

Speedy journeys spanning over six nations resulted in the discovery of over 7,000 potential leads; estimated financial losses from these instances were roughly around $162 million.

In an extraordinary turn of events, one of the victims received a notification, informing them they were currently part of an active fraud scheme. This meant that the authorization previously granted to the scammer could potentially be rescinded, preventing the loss of cryptocurrency valued at hundreds of thousands of dollars.

The operation known as Spincaster demonstrates that law enforcement is increasingly relying on insights derived from blockchain analysis. This method capitalizes on the inherent transparency of blockchain technology to track the movement of illegal funds within the system.

230 British citizens have been identified as victims by the National Crime Agency, who pledge to track down and prosecute the perpetrators regardless of their location. In this regard, Celestino Calabrese, the acting head of illicit finance at the NCA, stated:

Our efforts have safeguarded vulnerable individuals within the United Kingdom and opened paths for us to confront criminal organizations inflicting severe damage. A number of these entities operate from abroad, employing complex tactics to win over unwitting investors’ confidence.

Although some law enforcement agencies are starting to employ cryptocurrency investigators, these units can sometimes be experimental and understaffed. Combining efforts with cryptocurrency exchanges, where stolen funds are often transferred, provides additional resources for these agencies to achieve successful results, as stated by Ruben van Well of the Dutch National Police.

At the conclusion of the sprint, we managed to establish tracking mechanisms and lock down various wallets, thereby preventing additional financial losses for affected individuals. The partnerships and joint operations initiated under Operation Spincaster represent a significant milestone in our mission to dismantle and prevent scams within our environment.

Binance took part in Operation Spincaster and plans to extend this operation to more countries globally. Besides tracking money transactions, their team was also responsible for identifying affected individuals, informing them about the fraud, and providing educational resources to prevent similar incidents from happening again in the future.

As per Chainalysis’ findings, educating cryptocurrency users is key to combatting scams. Regrettably, it’s not uncommon for seasoned investors to become victims of phishing attempts as well. Further insights from the company state:

Digital currency trading platforms play a crucial role in identifying and thwarting approval phishing schemes. It’s important for them to adopt proactive transaction surveillance, instead of just reacting, and develop a strong risk management system to effectively fight off and deter these threats.

As a cautious analyst, I would emphasize that, given the ongoing issue of approval phishing, it’s crucial for cryptocurrency holders to exercise extreme caution. If you receive requests to swiftly transfer funds or disclose personal details, even if they appear official, be vigilant. Remember, your safety and security should always come first.

Frequently, it’s wise to pause for a moment, conduct some self-guided research using search engines and social media platforms, to ascertain whether a request appears authentic. After all, when something appears overly advantageous, it may often turn out to be untrue.

Cybercriminals are constantly evolving their strategies as people become more aware of them, which is evident in the rise of approval phishing. This tactic, coupled with the surge in hacks, makes investing in cryptocurrency risky, and this risk could potentially slow down its broader acceptance worldwide.

Read More

Sorry. No data so far.

2024-08-03 21:06