A Brazilian crypto influencer, Augusto Backes, got over $211,000 drained from his wallet on Mar. 3 by an airdrop-related phishing scam.
According to a video from his channel, the incident occurred after he clicked on a malicious link sent from a phishing email.
Backes stated that the email address was supposedly related to an airdrop conducted by Ethereum’s layer-2 blockchain Blast.
Although he receives phishing scams in his email box daily, the Brazilian crypto influencer highlighted that he was planning a script for a video and got sidetracked.
“In the middle of this anxiety, I received an email. Two months ago, I subscribed my wallet to Blast’s airdrop, and I had to prove the NFT quantity to be selected for this airdrop”, Backes says in the video.
See Also: Crypto Sector Lost About $160M To Hack, Exploits, and Exit Scams In February: CertiK
“The email seemed to be sent from Blast, and as a matter of fact, this is a well-crafted scam, with the scammer imitating the website. I clicked the ‘Claim your tokens’ button once, signed the transaction on my MetaMask, and the contract swallowed everything.”
Joe Green, Head of the Quick Response Team at blockchain security firm CertiK, pointed out that malicious addresses linked to the Inferno Drainer scam were involved in this incident.
However, this scheme was closed in November 2023, and a personality associated with it moved onto the Angel Drainer team.
“So whilst malicious addresses linked to Inferno were involved in this incident it is unlikely to be an Inferno Drainer,” Green explains. “The scammers’ wallet is 0x3CF955Bf92DD56CFE51cf7024EA1F2be49CEBC2F while the fee address is 0xf672775e124E66f8cC3FB584ed739120d32bBaad. The transactions were initiated by 0x0000db5c8B030ae20308ac975898E09741e70000 which has been associated with the Inferno Drainer in the past.”
As a warning for Web3 users, Green says that users must check the sender’s email address.
See Also: The UK Introduces New Rules To Restrict Illicit Use Of Crypto Assets
“In the example below, the email came from [email protected], which is not an official Blast email. This will instantly indicate to the user that this is likely to be a phishing scam.”
Moreover, users should always double-check that the URL they’re clicking on is official before connecting their wallet and signing transactions, Green concludes.
Disclaimer: The information provided is not trading advice. Bitcoinworld.co.in holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.
#Binance #WRITE2EARN
