Google displays phishing sites when users search CMC. This affects users adding smart contract addresses to MetaMas… https://t.co/7WMVoxij2s
— CZ 🔶 Binance (@cz_binance) 1666872222000
Over the past few years, Google Ads has placed stern policies on crypto marketing. Despite these policies, scammers have found loopholes to avoid Google’s restrictions. Moreover, in multiple cases, these fake websites have even been displayed above actual crypto and blockchain pages.
In April 2020, Binance acquired the popular crypto data aggregator CoinMarketCap. Zhao might be concerned that the site’s popularity is likely to direct a large part of traffic towards these scam ads and fake websites.
Identifying a crypto phishing campaign
Users can have a hard time identifying these phishing sites as they mostly imitate the URLs of legitimate websites to trick people who tend to click the first search result without checking it. For instance, in one of the fake sites shared by Zhao, a link had the word “coinomarketcaap” spelt like this.
Phishing attacks are basically fraudulent communications that appear to come from a reputable source but they manipulate a user, causing them to perform certain actions like installing a malicious file to gain access to private data.
Some recent crypto phishing scams
Earlier this year, a report released by blockchain security firm SlowMist revealed a Terra-related phishing campaign where scammers misused Google Ads to run websites that mimicked the actual sites. As per the report, these fake websites also ranked above the original sites and hackers were able to steal $4.31 million worth of cryptocurrency.
Another report by CheckPoint’s research arm claimed that scammers used Google Ads to steal around $500,000 by promoting copycat phishing sites of crypto wallet platforms MetaMask and Phantom.
Apart from this, Google’s parent company Alphabet also noted that spending on search advertising from financial and crypto firms has reduced from the last quarter.