Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Bad actors are exploiting Google Ads to dupe crypto users and steal their crypto assets by impersonating legitimate crypto platforms and other dubious tactics.
Ads promoting crypto scams have increasingly exploited platforms like Google Ads, putting crypto users at risk.
Cybercriminals use these ads to redirect users to malicious websites that impersonate legitimate crypto platforms, such as wallets and exchanges.
The latest project that scammers faked was Uniswapâs new Ethereum layer 2 solution Unichain, which has created a lot of buzz within the crypto community, even pushing the price of the decentralized exchangeâs native UNI token up by over 10% following the announcement.
Naturally, scammers looked to capitalize on the hype by promoting a fake website unlchalindefi[.]com, which was designed to look like it was affiliated with the original platform.Â
However, the scammers replaced certain sections of the website to deceive users.
They swapped out the âGet Startedâ button with a âConnectâ button and replaced the âRead the Docsâ button with a âBridgeâ option, encouraging users to link their wallets.Â
Once connected, the site would spam users with transaction requests to trick them into approving malicious transactions, ultimately draining their crypto funds.
The scammers were able to purchase ad space from Google which allowed them to place their fake website on top of Googleâs search results for the term Unichain.
At first glance, the ad even featured the actual URL for the official website, but redirected users to the fake platform when clicked.
The scam was first flagged by the analytics platform Scam Sniffer, which reported the deceptive Google search results on Oct. 15.
At the time of writing, Google had taken down both the website and the false advertisement.
A rabbit hole of deception
This was one of the many instances where bad actors have managed to circumvent the search engineâs filters.
Last month, scammers were seen impersonating Revoke Cash Crypto, a recovery service, and redirected users to a deceptive website where the visitorâs cryptocurrency wallet was compromised using malicious scripts.
Scams of this sort arenât always that easy to detect for regular users.
For instance, in August, the popular DeFi data aggregator platform DeFiLlama was targeted by scammers, and an ad mimicking the platform was placed on the search page.
While this seems just like the previous scam at first glance, the strategy was a bit more complex this time around.
Clicking on the fake ad did not always redirect users to a malicious website, and instead it happened at random.
Sometimes it was the first click and sometimes the redirect happened after multiple clicks.
In another instance, in April, scammers promoted a faked version of Whales Market, an over-the-counter crypto platform, to drain users trying to visit the actual platform.Â
Unfortunately, these malicious ads can cause damage beyond just stealing crypto assets.
Users visiting these fraudulent sites may also be exposed to other cyberattacks, such as watering hole attacks, drive-by downloads, or the deployment of malware.Â
These threats can compromise usersâ devices, steal personal information, or install harmful software without the userâs knowledge, significantly increasing the risks of interacting with such malicious domains.
Google fights back
Although scams of these sorts remain an active threat to web3 users, Google has taken some steps to fight back.
Earlier this year, the tech behemoth sued two Chinese residents for using Google Play to promote apps that deceived users into fake crypto investments.
At the time, Google said it had also purged 90 fraudulent apps deployed by these scammers.
Last year, Google blocked over 5.5 billion ads and suspended nearly 12.7 million advertiser accounts for violating various policies, including those related to scams and misrepresentation.Â
Further, the company has also implemented a âLimited Ads Servingâ policy, which limits the reach of advertisers who donât yet have a strong reputation, aiming to curb bad actors from promoting scams before they are detected.
Additionally, Google has taken legal action against scammers, including a recent lawsuit targeting individuals using Google Ads to promote fake crypto websites.
Despite these measures, Google acknowledges that scammers are becoming increasingly sophisticated, and they continue to update their systems to counter emerging threatsâ.Â
As of now, staying informed about the latest scam tactics and thoroughly checking before clicking links are some of the ways one can protect oneself when navigating the crypto space.
The post Fake Google ads are targeting unsuspecting users to steal cryptocurrency appeared first on Invezz
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.