The world of cryptocurrency has long been plagued by various scam tactics, and a new method called “Approval Phishing” is starting to gain prominence. Traditionally, scammers have targeted victims by distributing fraudulent crypto apps. However, in recent years, a group of fraudsters known as pig butchering scammers have successfully integrated approval phishing into their strategies. This alarming trend has caught the attention of Chainalysis, a leading blockchain analysis firm.
After careful investigation, Chainalysis discovered 1,013 addresses directly involved in deliberate approval phishing activities. This process began with a smaller list of recognized approval phishing addresses that used romance scam tactics. Through analyzing transaction patterns, Chainalysis then identified additional addresses linked to the initial list. Shockingly, based on distinct activity patterns, victims have already incurred losses of approximately $1 billion to approval phishing scams since May 2021. It is important to note that this estimate provided by Chainalysis may underestimate the true losses due to the notorious underreporting of romance scams and the firm’s reliance on a limited dataset.
When examining the revenue generated by suspected approval phishing scammers, Chainalysis found that it reached its peak in May 2022. During this time, victims lost an estimated $516.8 million to approval phishing. By comparison, the losses in 2023 through November amounted to $374.6 million. Just like other crypto-based crimes, the majority of the theft is driven by a small number of highly successful actors. Notably, the most lucrative approval phishing address is believed to have stolen $44.3 million from thousands of victims, accounting for 4.4% of the total amount stolen during the studied period. Furthermore, the top ten approval phishing addresses collectively contributed to 15.9% of all stolen funds, while the top 73 accounts were responsible for half of the total value stolen.
Approval phishing involves the scammer tricking users into approving a malicious blockchain transaction. This approval grants the scammer permission to spend specific tokens from the victim’s wallet, allowing them to deplete the victim’s address at their discretion. Chainalysis discovered that approval phishers usually send the victim’s funds to a separate wallet, different from the one granted approval to make transactions on behalf of the victim. The typical on-chain sequence of an approval phishing scam follows this pattern:
1. The victim address signs a transaction approving a second address to spend its funds.
2. That second address, which Chainalysis calls the approved spender address, executes transactions to move the funds to a new destination address.
When this sequence unfolds with the approved spender address initiating the draining transaction instead of the victim address, it is highly likely that it is a case of approval phishing.
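The two-step sequence above can be turned into a screening rule over token events. The following is an added example, not Chainalysis's code or methodology: the `Approval` and `Transfer` records, the `trusted_spenders` allowlist and all addresses are constructed assumptions for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Approval:            # step 1: owner lets spender move its tokens
    block: int
    token: str
    owner: str
    spender: str

@dataclass(frozen=True)
class Transfer:            # step 2: tx_sender is the address that initiated it
    block: int
    token: str
    tx_sender: str
    src: str
    dst: str
    amount: int

def flag_approval_drains(approvals, transfers, trusted_spenders=frozenset()):
    """Return transfers initiated by an approved spender rather than the owner."""
    granted = {}  # (token, owner, spender) -> earliest block the approval exists
    for a in approvals:
        key = (a.token, a.owner, a.spender)
        granted[key] = min(a.block, granted.get(key, a.block))
    hits = []
    for t in transfers:
        if t.tx_sender == t.src or t.tx_sender in trusted_spenders:
            continue  # owner moved its own funds, or a known dApp contract did
        since = granted.get((t.token, t.src, t.tx_sender))
        if since is None or t.block < since:
            continue  # initiator held no earlier approval from the source
        hits.append({"victim": t.src, "spender": t.tx_sender,
                     "destination": t.dst, "amount": t.amount,
                     # funds usually land in a wallet other than the spender
                     "separate_destination": t.dst != t.tx_sender})
    return hits

# Constructed sample data; the addresses are placeholders, not real accounts.
APPROVALS = [
    Approval(100, "TOKEN_A", "0xVictim1", "0xSpenderX"),
    Approval(105, "TOKEN_A", "0xUser2", "0xDexRouter"),
]
TRANSFERS = [
    Transfer(99, "TOKEN_A", "0xSpenderX", "0xVictim1", "0xCashout9", 10),
    Transfer(101, "TOKEN_A", "0xSpenderX", "0xVictim1", "0xCashout9", 5_000),
    Transfer(106, "TOKEN_A", "0xDexRouter", "0xUser2", "0xPool", 40),
    Transfer(107, "TOKEN_A", "0xUser2", "0xUser2", "0xFriend", 5),
]
```

Legitimate dApp contracts also move funds through approvals, so without an allowlist such as `trusted_spenders` the rule flags ordinary activity as well; a hit is a lead for review, not proof of a scam.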
In the case of decentralized apps (dApps) on smart contract-enabled blockchains like Ethereum, approval phishers exploit the familiarity of many crypto users with signing approval transactions. The key lies in the permissions granted and the reliability of the party receiving those permissions. These scammers capitalize on the trust placed in decentralized systems by manipulating users into unknowingly granting them access to their funds.
Fighting Back Against Approval Phishing
Given the significant losses incurred by victims and the increasing prominence of approval phishing, it is crucial for crypto users to be vigilant and proactive in protecting their investments. Here are some steps to consider:
1. Education and Awareness: Stay informed about the latest scam tactics, including approval phishing. Regularly update your knowledge on potential threats and warning signs.
2. Verify App Authenticity: Before downloading any crypto-related app, verify its legitimacy and only trust apps published by reputable entities. Read reviews and check for any red flags.
3. Two-Factor Authentication (2FA): Enable 2FA wherever possible to add an extra layer of security to your accounts. This can help prevent unauthorized access even if scammers manage to obtain some credentials.
4. Double-Check Transactions: Always thoroughly review and confirm the details of any transactions, particularly those involving approval requests. Exercise caution before granting permissions.
5. Report Suspicious Activity: If you encounter or suspect any approval phishing attempts, promptly report them to the relevant authorities and platforms. By doing so, you can help protect others from falling victim to these scams.
Approval phishing poses a significant threat to crypto users, with the potential for extensive financial losses. The evolving landscape of scam tactics requires constant vigilance and informed decision-making to safeguard one’s investments. By staying alert, educated, and proactive, individuals can play a vital role in combating approval phishing and protecting the integrity of the cryptocurrency ecosystem.