Cryptocurrency scams have been a major threat since the earliest days of crypto. So many victims have found their wallets emptied over the years, and the problem has only become worse with more mainstream acceptance. Today, scammers have built a considerable industry out of stealing crypto wallets.
The best defense has always been generous helpings of caution and common sense. Avoiding dubious crypto projects and ignoring suspicious emails used to be enough to keep your crypto safe. However, even seemingly trusted sources are now compromised as scammers use Google ads to draw in more victims.
Malvertising – A Growing Threat
Malvertising has existed for years but has recently become one of the most prominent scams online. A combination of the terms “malware” and “advertising,” malvertising is the use of fraudulent ads to direct victims to download malware.
There are many types of malware that these scams rely on, including keyloggers and other tools that can steal login credentials for all kinds of platforms – email, social media, and even banking. One of the prime targets for malvertising today is crypto wallets, which can contain significant values of cryptocurrency and NFTs.
Online advertising is notoriously unregulated. Some claim that the scale of online advertising makes effective moderation impossible. Others blame platforms like Google and Facebook for not doing enough to stop the issue. In any case, the threat has never been more serious.
How Scammers Exploit Search Engine Advertising
When you search through Google or other search engines, you’ll find that the first few results are paid advertisements. In most cases, these advertisements are legitimate. Search for a specific type of product or service, and the ads will be from companies trying to secure your business.
However, these ads are all self-serve. Companies create their own ads and choose target keywords through Google’s online advertising platform – Google Ads. Many experts say there is drastically insufficient screening for these ads, with providers relying on users to report ads before taking action.
This lack of oversight allows scammers to create their own ads and have them seen by countless users. They exploit this by creating ads almost identical to legitimate search results for well-known platforms and products.
Victims type in the name of the specific platform or product, expecting the first result to be the official website. However, the first results are ads. In many cases, they’ll be ads purchased by the official company or potentially ads for some of their legitimate competitors.
In other cases, they are ads that claim to be the official website but redirect to a nearly identical copy. Users don’t realize they aren’t on the official website and can enter login information or download files. This allows scammers to steal login credentials and distribute malware to a vast audience.
Companies Warn Against Spoofed Websites
This strategy is particularly effective when targeting various software providers. When users need to download or update specific software, they’ll go to the developer’s website and download it. However, if they use a search engine to reach that website, they could be presented with fraudulent ads copying that website.
Recently, scammers have renewed their focus on this strategy, with many high-profile software developers having fake ads appear for related search terms. Some companies have put out public statements warning their customers against this scam.
Binance, the world’s largest cryptocurrency exchange, is one such example. Their CEO issued a statement warning against fake Google ads phishing user login information. OBS, a free live-streaming software company, put out a similar statement warning against ads directing users to malicious software downloads.
Malvertising campaigns are currently targeting a wide range of companies. They often focus on software companies that provide free downloads, as this provides an easy vector to distribute malware. CapCut, Blender 3D, VLC, WinRAR, and other major software distributors have been targeted.
Malvertising Scams Snag High-Profile Victims
These scams cast a wide net, hoping to catch as many people as possible. Given the low cost and high potential returns, scammers can make do with taking relatively small amounts of crypto from everyday people. However, these scams sometimes catch big fish as well.
One major crypto influencer lost all of his NFTs after falling victim to such a scam. Notable NFT collector @NFT_GOD had his wallet compromised after downloading a file from a website spoofing OBS. He had followed a fake advertisement, believing it to be the official site. The collection held multiple NFTs, including some from the Mutant Ape Yacht Club, some worth tens of thousands.
Once the scammers gain access to crypto wallets, they quickly transfer all assets out. This can provide insight into how much scammers manage to steal, as the blockchain contains information showing which transactions go to which wallets. Scammers likely use multiple wallets, which complicates finding exact values.
Check Point Research evaluated one scam targeting users of the Phantom App digital wallet through fake Google ads. They found that just one scam operation had managed to secure more than $500,000 in cryptocurrency from compromised wallets. With countless other scam operations out there, the toll of the malvertising epidemic must be truly staggering.
Protecting Yourself From Google Ads Crypto Scams
These fake ad scams are a severe threat, but you can take steps to protect yourself. Securing your cryptocurrencies in a reliable digital wallet is the first step, but these scams can get around that by compromising your computer with malware.
One solution is to stop clicking on search engine ads altogether. In most search engines, the top two or three results are ads. They are generally clearly marked as ads or sponsored links. This might sound drastic, but the issue has become incredibly widespread.
If you’re visiting a specific company or product website, you need to be sure that you reach the official website. The best way to do this is to type the URL into the address bar yourself. Be sure to avoid any typos, as scammers make fake websites that are just a letter or two off of the real thing.
When you do use a search engine, be careful that the URL you arrive at matches the official website. You should also be wary of downloading any software from an unknown source. Having up-to-date antivirus and antimalware software can help, and most will scan files before downloading. If you receive a warning about the safety of a website or file, don’t ignore it.
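The URL check described above can be automated before you log in or download anything. The following Python sketch is an added example, not part of the original article: it compares the host of a URL against a list of official domains and flags hosts that are a letter or two off, or that reuse the brand name on someone else's domain. The allowlist contents, the function names and the sample URLs are assumptions made for this illustration.

```python
from urllib.parse import urlsplit

# Assumption: you maintain this list of official domains yourself,
# taken from a trusted source (not from a search result).
OFFICIAL_DOMAINS = ("obsproject.com", "binance.com")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert/delete/substitute), two-row DP."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def classify_url(url: str, official=OFFICIAL_DOMAINS, max_typos: int = 2):
    """Return (verdict, domain): 'official', 'lookalike' or 'unknown'."""
    # urlsplit ignores any "user@" prefix, so the real host is compared.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return ("unknown", None)
    for dom in official:
        if host == dom or host.endswith("." + dom):
            return ("official", dom)
    labels = host.split(".")
    for dom in official:
        # Compare the same number of trailing labels as the official name.
        tail = ".".join(labels[-(dom.count(".") + 1):])
        if edit_distance(tail, dom) <= max_typos:
            return ("lookalike", dom)       # a letter or two off
        if dom.split(".")[0] in labels:
            return ("lookalike", dom)       # brand label on another domain
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample URLs; the misspelled hosts are invented for this demo.
    for u in ("https://obsproject.com/download",
              "https://obsprojcet.com/download",
              "https://binnance.com/login",
              "https://obsproject.com.downloads.example/setup"):
        print(u, "->", classify_url(u))
```

A "lookalike" verdict is a prompt for a manual check, since unrelated legitimate domains can also sit within two edits of a short brand name.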
What to Do If You’re the Victim of Malvertising
If you wake up one morning to find your crypto wallet drained, you must act quickly to prevent further damage. Run scans on all of your devices to identify and remove any malware. Change passwords for important accounts, as they may be compromised.
In many cases, there aren’t many options for getting lost cryptocurrency back. However, you may be able to take action with the proper support. Blockchain transactions carry hidden information that can link online and real-world identities. Companies like Global Fraud Protection provide investigative services to uncover these details, relying on the latest technology and investigation expertise.
Finding out more about who your scammers are and where they’re operating from can let you take action. You can work with law enforcement and regulatory agencies to stop these scammers from getting away with it.