Since May 2021, a staggering $2.7 billion has been lost to approval phishing attacks — and a multinational operation led to one victim being identified in the middle of a scam.
A widespread operation has been launched to thwart cybercriminals engaged in “approval phishing.”
According to Chainalysis, such attacks involve deceiving an unsuspecting victim into signing a malicious blockchain transaction — often through a fake crypto app.
Once complete, it means scammers can spend certain tokens within their wallet at will — potentially draining someone’s life savings in certain circumstances.
Source: Chainalysis
A particularly notorious incident back in September 2023 led to one person losing $24.23 million of staked ETH that was sitting in their wallet.
Since May 2021, a staggering $2.7 billion has been lost to approval phishing attacks, with the blockchain analytics firm warning it’s “a much bigger problem than previously known.”
As a result, Chainalysis says that it’s now launched “Operation Spincaster,” which aims to identify compromised wallets before any lasting damage can be done.
Sprints across six countries led to more than 7,000 leads being identified — with losses among these cases amounting to approximately $162 million.
And in a particularly breathtaking development, one victim was contacted and alerted that they were in the middle of an ongoing scam, meaning the approval that was given to their attacker could be revoked before crypto worth hundreds of thousands of dollars was stolen.
Operation Spincaster shows how law enforcement agencies are increasingly making use of the intelligence delivered through blockchain analytics, which leverages the transparency of this technology to monitor how illicit funds flow through the ecosystem.
The National Crime Agency says 230 British victims were identified as a result and has vowed to bring offenders to justice no matter where they are. The NCA’s acting head of illicit finance, Celestino Calabrese, said:
This work has protected victims here in the U.K. and provided opportunities for us to pursue organized crime groups causing significant harm. Many of these groups are based overseas, and utilize sophisticated methods to gain the trust of unsuspecting investors.
While some police forces are beginning to hire their own crypto investigators, such departments are often experimental and sometimes understaffed. Operations like this — when coupled with collaboration from the crypto exchanges that are being used to move stolen funds — help to give law enforcement agencies the extra manpower they need to deliver results. As Ruben van Well of the Dutch National Police said:
By the end of the sprint, we were able to set up detection methods and freeze several wallets to prevent further loss of funds for victims. The relationships and collaborative efforts established through Operation Spincaster marks a pivotal step in our efforts to disrupt and prevent scams within the ecosystem.
Binance was involved in Operation Spincaster, and says that the initiative is now going to be expanded to a greater number of countries. As well as tracing the flow of funds, the exchange’s staff were also tasked with identifying victims, breaking news of the scam to them, and offering education to help them stay safe in the future.
According to Chainalysis, educating crypto users is a crucial first step in clamping down on scams — and unfortunately, even experienced investors can often fall susceptible to a phishing attack. The company went on to add:
Cryptocurrency exchanges wield significant influence in detecting and preventing approval phishing scams. Implementing proactive — rather than reactive — transaction monitoring capabilities and a robust risk management strategy is essential to effectively combat and prevent such threats.
And in terms of top tips for the public as approval phishing remains a persistent threat, the company says crypto owners should be exceedingly wary if they are urgently asked to send money or provide personal information — even if the source of the request looks official.
Oftentimes, taking a beat and performing some independent research through search engines and social media can help verify whether such a request is genuine. It’s also about trusting your instincts — as the old saying goes, if something seems too good to be true, it probably is.
Approval phishing is the latest sign that cybercriminals are continually changing their tactics as awareness grows of their methods — and becoming even more emboldened during the bull market. With hacks happening at an alarming frequency, investing in crypto is full of risk… and that might be a substantial stumbling block in the quest for wider global adoption.
You might also like: Tether is used by way more criminals than you think