SlowMist, a blockchain security company, has put together a list of the five most common phishing methods used by crypto scammers in 2022. These include using fake sales orders, malicious browser bookmarks, and Trojan malware that is spread through the messaging app Discord.
SlowMist’s report from January 9 says that the security company kept track of 303 blockchain security incidents over the course of the year. Of these, 31.6% were caused by phishing, rug pulls, or other scams.
Bad bookmarks in a browser
One method of phishing uses bookmark managers, which are a feature of most modern browsers.
SlowMist said that scammers have been using these to get into the Discord account of a project owner.
During this process, the scammer can steal a victim’s Discord token, which is their encrypted Discord username and password. This gives them access to the victim’s account and lets them post fake messages and links to more phishing scams while pretending to be the victim.
NFT phishing: “Zero dollar purchase.”
SlowMist says that of the 56 major security holes in NFTs, 22 were caused by phishing attacks.
One of the most common ways scammers get people to sign over NFTs for almost nothing is by giving them a fake sales order.
Once the victim signs the order, the scammer can buy the user’s NFTs through a marketplace at a price they set.
“Unfortunately, sites like Revoke can’t be used to get rid of a stolen signature,” SlowMist wrote.
“However, you can cancel any orders you’ve set up in the past. This can reduce the risk of phishing attacks and stop the attacker from using your signature.
Trojan horse theft of money
SlowMist says that this kind of attack usually happens through private messages on Discord. The attacker invites the victim to help test a new project and then sends a programme in the form of a compressed file with an 800 MB executable file.
After you download the programme, it will look for files with keywords like “wallet” and send them to the server of the attacker.
SlowMist said, “The latest version of RedLine Stealer can also steal cryptocurrency.” It does this by scanning the local computer for installed digital currency wallet information and sending it to a remote control machine.
“RedLine Stealer can also upload and download files, run commands, and send back information about the infected computer. “It can also steal cryptocurrency.”
“Blank Check” means “nothing.” Phishing with the letter Eth
This phishing attack lets thieves sign any transaction they want with your private key. After you connect your wallet to a scam site, MetaMask may show a red warning in the signature application box.
After you sign, attackers can see your signature, which means they can make any kind of data and ask you to sign it with the ETH sign.
The company said, “This kind of phishing can be very confusing, especially when it comes to permission.”
Same-ending number transfer scam
For this scam, attackers send small amounts of tokens, like 0.01 USDT or 0.001 USDT, by airdrop to victims with addresses that are almost the same except for the last few digits. The goal is to get people to accidentally copy the wrong address into their transfer history.
The rest of the 2022 report talked about other blockchain security problems that happened that year, such as flaws in contracts and private key leaks.
During the year, there were about 92 attacks that took advantage of flaws in contracts. Together, these attacks and hacked programmes caused losses of nearly $1.1 billion.
Private key theft, on the other hand, made up about 6.6% of attacks and cost at least $762 million. Hacks of the Ronin bridge and Harmony’s Horizon bridge were the most notable examples.