In May, scammers spun up at least 7,905 blockchain wallets to collect crypto they had stolen from ordinary users, according to blockchain security company Forta Network. Forta, which recently launched its own token, operates a network of bots that detect various kinds of scams on Ethereum, Binance Smart Chain, Polygon, Optimism, Avalanche, Arbitrum and Fantom blockchains. Cristian Seifert, researcher-in-residence at Forta, said Forta’s algorithms can detect anomalous behavior while scanning transactions on blockchains.
The most prevalent kind of attack in May was the so-called “ice phishing” technique, which accounted for 55.8% of all the attacks registered by Forta. This type of attack does not aim directly for users’ private information, but instead tricks a victim into signing a malicious blockchain transaction that opens access to the victim’s wallet so the attacker can steal all the money.
“A lot of attacks are social engineering attacks: users are being lured to a website, a website asks them to connect their wallet, a transaction pops up, a user approves it and their money is gone,” Seifert said.
In a similar scam, attackers attempt to trick users into interacting with various decentralized applications (dapps), including decentralized exchanges (DEXs). These scams rely on “token approval” transactions, one of the most common uses for non-custodial Web3 wallets.
Another attack targets traders of non-fungible tokens (NFT). Attackers sniff around for users with valuable NFTs and try to trick them into approving transactions that would sell their valuable holdings at a fraction of the market price.
“Users click, click, click and transactions pop up, often with a timer, and users approve them without checking,” Seifert said.
According to Seifert, there are two crucial steps to ice phishing: “luring a victim onto a [malicious] website and creating a positive narrative.”
Forta assigns blockchain wallets different risk scores referring to their involvement in potential scammy behavior. “We have a set of detection bots, machine learning models that monitor transactions in real time and look for specific conditions and behavior, for example, for contracts with lines like “security update” in their code,” he said.
To protect themselves from scammers, users should always pay attention to the addresses their wallet interacts with and ideally use wallets with security features built in.