Binance CEO, Changpeng ‘CZ’ Zhao has recently provided details on a failed $20 million scam attempt in a bid to keep the crypto community on alert for future occurrences.
Crypto Scammers Are “So Good Now,” Binance CEO Says
In a tweet on August 2, Changpeng Zhao described a recent scam attempt as “clever,” stating that it was “luckily” prevented as the bad actors in the crypto space seem to have gotten better.
Specifically, the Binance CEO drew attention to how these scammers now generate addresses with identical starting and ending letters as other wallet addresses.
Using these new addresses, they then proceed to impersonate other network participants and swindle unsuspecting crypto users. Technically, these kinds of scams are referred to as “zero-transfer phishing attacks.”
I want to share this (luckily) unsuccessful, but very clever and close scam incident from yesterday . Saved $20m. Hope it may also save you one day.
The scammers are so good now they generate addresses with the same starting and ending letters, which is what most people check… https://t.co/DFpdX8aNay
— CZ Binance (@cz_binance) August 2, 2023
Changpeng Zhao noted that these scams are particularly effective as most crypto users only confirm the first and last characters of an address when conducting transactions.
In fact, he stated that most wallet designs exclude the middle parts of addresses in an attempt to offer a better user interface to users
Asides from creating similar wallet addresses, the Binance CEO mentioned that these scammers would send “dust transactions” so they could be registered in their targets’ transaction history.
To explain, dust refers to a minute amount of cryptocurrency, usually valued at less than a cent, and cannot be traded on any exchange.
With the scammer’s address now present in their target’s transaction history, one can unknowingly transfer assets to these bad actors, especially if the impersonated address is one they constantly transact with.
Fast Response Helped Thwart Zero-Transfer Phishing Attack
Changpeng Zhao stated that a zero phishing attack happened to a veteran crypto operator on Aug 1 in which they transferred $20 million worth of USDT to the wrong address.
For context, the original wallet address was 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570, while the phishing address was 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570.
Luckily, the operator detected the scam quickly, and Binance was able to officially request for Tether to freeze the stolen USDT. The stablecoin operator responded promptly by blacklisting the wallet to prevent any further deposit or withdrawal.
The Binance CEO rounded off his tweet by stating that a fast reaction was vital to reclaiming users’ funds in these kinds of attacks. However, he did state that the assets recovery may take some time as the sender would have to complete a number of processes, including submitting a police report.
It is no news that the crypto space is riddled with heists, scams, and attacks which result in the loss of millions of dollars yearly. And these crypto scams are considered one of the major plagues in the crypto space.
According to data from Certik Security, crypto scams and hacks claimed over $313 million in just Q2 2023 alone. Another report from TRM Labs in June 2023 said that over $9 billion was lost to various scams and frauds in 2022. A huge portion (around $7.8 billion) of this figure was lost to Ponzi schemes alone, TRM added.
Featured image from Binance, chart from Tradingview