Approval of Phishing Wander have been used to steal at least $ 1 billion in cryptocurrency since May 2021, according to a new Chainalysis report.
The researchers estimate that this technique, often used by romantic scammers, has led to that crypto users have lost at least $ 374 million so far in 2023.
Approval phishing is a kind of crypto -scam in which attackers try to mislead goals when signing a malignant blockchain transaction that gives their address approval to issue specific tokens in the victim’s wallet. This allows the scammer to remove the address of the victim of these tokens as desired, with some goals losing tens of millions.
As soon as the victim signs the transaction, the Phisher generally sends the money to a separate wallet from the person they have approved.
The technology is less well-known than typical crypto-swam, which usually holds a fake investment option or imitation.
The report showed that approval phishers are increasingly focused on specific crypto users, building relationships with victims and often the use of romantic scam techniques to convince them to sign approval transactions.
The vast majority of approval phishing theft is driven by some very successful actors, according to the analysis. It is assumed that the most successful address has stolen $ 44.3 million from thousands of victim addresses, which represents 4.4% of the total amount of cryptocurrency that will be stolen during the period studied.
The ten largest approval phishing thefts accounted for 15.9% of the stolen value, with the 73 largest account in half.
Chainalysis believes that the actual losses of this scam can be much higher, because romantic scam is notorously underrited.
How to tackle approval phishing
The report contains a series of steps that crypto -compliance teams can take to tackle this threat:
- Training cryptocurrency users about this type of crypto -wang and not to sign approval transactions, unless they are sure that they trust the person or the company on the other hand.
- Monitoring the blockchain on suspected approval phishing consolidation room with heavy exposure to destination addresses.
- Take steps such as automatic freezing of funds or reporting to law enforcement when suspected portfolios move funds to their platform.