Interface Illusions: Uncovering the Rise of Visual Scams in Cryptocurrency Wallets
Keywords: cybercrime, scam, cryptocurrency wallet, phishing, visual scam
TL;DR: Our research exposes 24.9M visual scams on Ethereum from 2022-2023, leading to losses exceeding 27 million USD, with targeted mitigation strategies proposed.
Abstract: Cryptocurrencies, while revolutionary, have become a magnet for malicious actors. With numerous reports underscoring cyberattacks and scams in this domain, our paper takes the lead in characterizing visual scams associated with cryptocurrency wallets—a fundamental component of Web3. Specifically, scammers capitalize on the omission of vital wallet interface details, such as token symbols, wallet addresses, and smart contract function names, to mislead users, potentially resulting in unintended financial losses. Analyzing Ethereum blockchain transactions from July 2022 to June 2023, we uncovered a total of 24,901,115 visual scam incidents, which include 3,585,493 counterfeit token attacks, 21,281,749 zero-transfer attacks, and 33,873 function name attacks, orchestrated by 6,768 distinct attackers. Shockingly, over 28,414 victims fell prey to these scams, with losses surpassing 27 million USD. This alarming data underscores the pressing need for robust protective measures. By profiling the typical victims and attackers, we are able to propose mitigation strategies informed by our findings.
Track: Security
Submission Guidelines Scope: Yes
Submission Guidelines Blind: Yes
Submission Guidelines Format: Yes
Submission Guidelines Limit: Yes
Submission Guidelines Authorship: Yes
Student Author: Yes
Submission Number: 198
Loading