A cryptocurrency investor lost $3 million in a phishing scam after signing a malicious blockchain transaction without verifying the contract address, highlighting the risk posed by digital asset scams.
A single wrong click was all it took to drain $3 million worth of USDt (USDT) from an investor who failed to verify the contract address before signing the blockchain transaction.
“Someone fell victim to a phishing attack, signed a malicious transfer, and lost 3.05M $USDT,” according to a Wednesday X post from blockchain analytics platform Lookonchain. “Stay alert, stay safe. One wrong click can drain your wallet. Never sign a transaction you don’t fully understand.”
Wallet “0x2d9” total holdings Source: Nansen
Crypto phishing attacks are social engineering schemes in which attackers share fraudulent links to steal victims’ sensitive information, such as private keys to cryptocurrency wallets.
Like most investors, the victim probably validated the wallet address by only matching the first and last few characters before transferring the $3 million to the malicious actor. The difference would have been noticeable in the middle characters, often hidden on platforms to improve visual appeal.
Related: Lazarus Group laundered over $200M in hacked crypto since 2020
Highlighting the need for more investor due diligence, another victim lost over $900,000 worth of digital assets to a sophisticated phishing attack on Sunday, 458 days after unknowingly signing a malicious approval transaction to a wallet-draining scam, Cointelegraph reported.
Source: SlowMist
These amounts pale in comparison to the $71 million lost to a wallet poisoning scam in May 2024, which took a surprising turn when the scammer had a change of heart and returned the $71 million in two weeks after folding to the growing pressure from global blockchain investigators who revealed the attacker’s potential Hong Kong-based IP address.
Related: CrediX recovers $4.5M in crypto after successful exploit negotiation
Crypto phishing attacks top security concern of 2024
Hackers are gradually shifting their focus from code to exploiting vulnerabilities in…
..
