Crypto scammers, who hunt for unsuspecting victims on various social networking platforms, are now expanding their footprint to the Google search engine. Preying on people’s tendencies to interact with advertisements on Google, these scammers are now tapping into the popular search engine to facilitate their own malicious crimes. This week, an individual lost $900,000 (roughly Rs. 7.4 crore) via an ad phishing scam, Web3 tracker Scam Sniffer recently identified. The incident set the alarm bells ringing and a deeper dive into the subject revealed some shocking details.
A cyber researcher, who goes by the username of @0xngmi on X, has sounded an alert about crypto criminals scamming people using legitimate sites on Google. 0xngmi is a researcher with Web3 firm DeFiLlama.
These cyber criminals are purchasing advertisements for real sites on Google. When potential victims engage with the links, they are sent to ‘kochava.com’, which is an ad network that later redirects people to fabricated scam websites.
The researcher posted a screenshot on X showing how the DeFiLlama website itself was being mimicked by impersonators. The scam website was identified by a ‘Sponsored’ tag displayed above the website, showed 0xngmi’s screenshot.
There’s a new crypto scam on google
Scammers will buy an ad for a proper crypto website on google, with the proper URL
Then when users click on it they get sent to an ad network (https://t.co/k5azsHhC2s) to track the click, but that network redirects to a scam site instead! pic.twitter.com/YEUYqc9IUk
— 0xngmi (@0xngmi) August 23, 2023
DeFiLlama has reported the ad and the ad network to Google several times. “But Google has failed to take any action,” the researcher posted as part of their X thread. The search engine giant has not yet responded to these concerns.
For other members of the crypto community, however, 0xngmi has suggested installing an ad blocker to prevent users from being exposed to fishy advertisements.
what’s really cool about this scam is that not 100% of clicks on that ad are going to redirect you to the scam site
first attempt, second attempt pic.twitter.com/Bip0WLou8b
— PumpkinBiscotti (@PumpkinBiscotti) August 23, 2023
Crypto investors have lost up to $4 million (roughly Rs. 35 crore) by engaging with hoax links, sprawled all over the web, ScamSniffer said in a recent report.
Back in October 2022, Binance CEO Changpeng Zhao called Google out for not getting rid of scam sites from search results, thus exposing people to financial exploits on a daily basis.
Google displays phishing sites when users search CMC. This affects users adding smart contract addresses to MetaMask using these phishing sites. We are trying to contact Google for this, and in the meantime alerting users about this through social channels. pic.twitter.com/3q4860Jl4H
— CZ 🔶 Binance (@cz_binance) October 27, 2022
Despite repeated complaints, Google has not released a statement or solution addressing the concerns.