Phishing attacks within the cryptocurrency industry fell 46% in April to $38 million, the lowest level of the year. according to to security company Scam Sniffer.
Notably, this is consistent with CertiK’s findings that cryptocurrency-related abuse and fraud plummeted to an all-time low of $25.7 million in April.
Phishing Attacks in April
Base, the Ethereum layer 2 network backed by Coinbase, has seen a 145% surge in phishing incidents over the past month, reaching $8.2 million, according to research by Scam Sniffer. Two of the top 10 single thefts occurred at this chain, accounting for 21% of total thefts for the month.
Meanwhile, ERC-20 tokens suffered the most from attacks, with 88% of stolen assets belonging to this class.
Scam Sniffer has identified fake accounts as a key tool used by scammers on social media platform X (formerly Twitter). These attackers have imitated major projects such as Renzo, Avail, Ether.fi, Wormhole, and Omni, and their accounts often display fake checkmarks to give them a sense of authenticity that they use to lure in unsuspecting users.
Attackers use these accounts to post deceptive comments on social media platforms to lure unsuspecting individuals to malicious sites where their assets can be stolen.
Additionally, attackers commonly used phishing signatures such as Permit, ImproveAllowance, and Uniswap Permit2. These malicious signatures allow attackers to access the victim’s funds without their knowledge.
Fraud sniffer added:
“Despite the fact that wallets are generating increasing phishing alerts for certain signatures, wallet multipliers are actively looking for ways to avoid these alerts using legitimate contracts and value normalization variants such as Disperse and Uniswap Multicall.”