The report of the new scam comes from Check Point Research (CPR) (via The Verge), and it says that it has seen more than $500k worth of crypto stolen in a single weekend, thanks to these fake crypto wallets.
Essentially, this is a phishing scam where the malicious individuals buy a Google ad and create a site that looks like a popular crypto wallet. Specifically, the scammers target Phantom and MetaMask wallets, which are popular for the Solana and Ethereum ecosystems. However, if the scam keeps seeing success, you should also be careful with other wallets and currencies.
When someone searches on Google for these wallets, an ad will appear at the top of the search results linking to a site that looks like the actual wallet. Upon going to the website, it will trick users into providing their wallet key so the attacker can steal their cryptocurrency. If they try to create a new wallet, the website actually links to the attacker’s existing wallet, and any funds they place in will go directly to the attacker.
As far as what cryptocurrency owners can do, CPR advises them to stay on high alert. “I strongly urge the crypto community to double-check the URLs they click on and avoid clicking on Google Ads related to crypto wallets at this time,” said Oded Vanunu, Head of Products Vulnerabilities Research at Check Point.
Whether you’re dealing with cryptocurrency or any other phishing scam, you should always check the URL to make sure you’re on the website you’re supposed to be. Don’t ever give out your wallet passphrase or key to a website that you’re not sure about. Also, scroll down a little further and click the actual search result instead of an ad, as you can be more confident in the validity of the website.