A new scam campaign is abusing Google Ads to steal cryptocurrency from victims, researchers have found.
According to a new report from Check Point Research, hundreds of thousands of dollars worth of cryptocurrency was recently stolen from users’ crypto wallets by scammers.
While scammers traditionally use email to launch their phishing campaigns, in this case, they placed Google Ads at the top of Google Search imitating popular crypto wallets and platforms including Phantom App, MetaMask and Pancake Swap in an attempt to lure their victims. At the same time, multiple scamming groups are now bidding for wallet-related keywords on Google Ads and are using Google Search as an attack vector to target victims’ crypto wallets.
Each of the fake advertisements used in the campaign contain a malicious link that when clicked, directs victims to a phishing site which copies the brand and messaging of the original crypto wallet website. From here, the scammers trick their victims into giving up their wallet passwords in order to steal their contents.
Once a victim navigates to the scammers’ fake websites, they attempts to steal their passphrase if they already have a crypto wallet with the service or they provide a new passphrase for those creating a wallet for the first time. Either way though, the scammers gain access to a victim’s crypto wallet and can then proceed to steal all of their cryptocurrency.
Check Point found 11 compromised wallet accounts with each of…