Crypto catfishers ditch fake exchanges for approval phishing scams

4


Crypto romance scammers — a cohort of crypto-stealing smooth-talkers — appear to have a new trick up their sleeves: targeted approval phishing.

In a Dec. 14 report from on-chain analytics firm Chainalysis, the firm noted that the technique has seen explosive growth over the past two years, with at least $374 million in suspected stolen crypto in 2023.

Approval phishing is a crypto scam where victims are tricked into signing transactions that give scammers access to wallets, allowing them to drain funds. While this isn’t new, Chainalysis said the technique is now utilized more often by pig-butchering scammers.

Pig butchering typically starts with scammers matching with victims on dating sites and building trust over weeks or months. They eventually convince victims to part with their money, such as convincing them to participate in a fake investment scheme. 

The term comes from scammers “fattening up” the target (pig) over time to extract maximum funds before going in for the kill.

Anatomy of an approval phishing scam. Source: Chainalysis

The new phishing approval method appears to be a change from how crypto pig-butchering scammers operated in the past, Chainalysis’ cybercrimes research lead Eric Jardine told Cointelegraph.

“Traditionally, romance scams (also known as pig-butchering scams) are slow-burn,” said Jardine.

“Once targets are identified and trust is built, the scammer subtly mentions a crypto investment website with which they’ve had personal success. Over weeks or months, scammers coach victims on how to use these fake sites, convincing them to invest everything they possibly can.”

The rug is pulled when the victim starts to become wary, or the scammer believes “they’ve exhausted their victims’ potential,” he explained.

Instead, this new method only needs to convince a victim to sign a transaction that will then drain their funds.

Related: Crypto phishing scams: How users can stay protected

MetaMask lead product manager Taylor Monahan identified over a thousand addresses linked to targeted approval phishing scams, with an estimated total theft of $1 billion from victims since May 2021.

Romance scams are notoriously underreported, so the figure could be much higher, Chainalysis noted.

Meanwhile, the firm noted that one of the most successful approval phishing addresses has likely profited $44.3 million from thousands of victim addresses.

The 10 largest approval phishing addresses combined account for almost 16% of all value stolen during the period studied, it added.

Distribution of suspected approval phishing address revenue. Source: Chainalysis

The firm concluded that the industry could work to educate users not to sign approval transactions unless they’re sure they trust the entity on the other side.

Magazine: X Hall of Flame: Expect ‘records broken’ by Bitcoin ETF: Brett Harrison (ex-FTX US)