"Approval Phishing Scams Drain $1bn of Cryptocurrency From Victims"

According to security researchers at Chainalysis, approval phishing scams have been used to steal at least $1bn in cryptocurrency since May 2021.  The researchers estimate that this technique, which is frequently used by romance scammers, has led to crypto users losing at least $374m so far in 2023.  The researchers noted that approval phishing is a type of crypto scam in which attackers attempt to trick targets into signing a malicious blockchain transaction that gives their address approval to spend specific tokens inside the victim’s wallet.  This allows the scammer to drain the victim’s address of these tokens at will, with some targets losing tens of millions.  The researchers noted that once the victim signs the transaction, generally, the phisher sends the funds to a separate wallet from the one they approved.  The researchers stated that this technique is less well-known than typical crypto scams, which usually involve a phony investment opportunity or impersonation.  The researchers found that approval phishers are increasingly targeting specific crypto users, building relationships with victims, and often using romance scam techniques to convince them to sign approval transactions.  The researchers noted that the vast majority of approval phishing theft is driven by a few highly successful actors.  The most successful address is believed to have stolen $44.3m from thousands of victim addresses, representing 4.4% of the total amount of cryptocurrency stolen during the period studied.  

Infosecurity reports: "Approval Phishing Scams Drain $1bn of Cryptocurrency From Victims"