- A phishing scam targeting Soneium users redirects through a fake Google ad, tricking users into visiting a fraudulent site.
- The scam uses domain names similar to Soneium’s official website, making it hard for users to detect the fraudulent link.
- Over $46 million in cryptocurrency was stolen in September through phishing attacks, with Ethereum wallets being the prime targets.
A phishing scam campaign has been revealed that aims at users looking for Sony’s blockchain project called Soneium. The scare appeared to use a Google advertisement that would redirect unsuspecting users to a fake website developed to steal users’ cryptocurrencies.
In a recent X post, Scam Sniffer posted that to get to a phishing site, one only needed to type ‘Soneium’ into Google. The domain was a fake website mimicking an incomplete landing page of a UK radiology service, which included a crypto wallet drainer.
Phishing Scam Targets Domains
The scam is more effective when the similar domain name like Soneium’s official website is used. Some differences in the URL make it hard for users to realize that they are clicked on a fake link and become victims. Scam Sniffer noted that even a single letter difference, for example, typing ‘Someium’ instead of ‘Soneium’, gets users to the scam site.
They employed an elaborate strategy to get round Google’s ad filtration system so that their criminal ad link appeared as genuine. These complex mechanisms rendered it hard for search engines to identify the ad as fraudulent thus exposing users. Scam Sniffer pointed that scammers apply this new tactic to deceive the users of search engines.
CWJ has reported earlier that Sony Block Solutions Labs and Startale Labs jointly launched Soneium. Soneium was introduced in the testnet in August and is an Ethereum layer-2 blockchain that introduces new ideas in the blockchain space. Nevertheless, given the increasing interest in the project, it has become more exposed to cyberattacks.
Rising Crypto Phishing Scams
This is not the first time for such phishing attempt, in fact, it is part of the larger crypto-related scam trend. According to Scam Sniffer, over $46 million worth of cryptocurrency was stolen in September using phishing similar to that used in this incident and affecting more than 10,800 people. The firm also pointed out that Ethereum wallets were most susceptible to these attacks.
This is because from the third quarter of 2024, over $127 million worth of cryptocurrency was stolen through phishing scams, with most of them targeting domain names that resembled real crypto projects. Such scams target on the trust of the user and leads them to click on links that are in reality a fraud.
Such scams have been on the rise and thus underlines the need for users of the cryptocurrencies to be cautious. Therefore, as phishers become more and more sophisticated, users need to be very careful about the sites they are visiting, to avoid being scammed out of their virtual money.
