Key Points:
- Scam Sniffer warns of phishing ads targeting those searching for Sony’s blockchain, Soneium.
- A typo in “Soneium” on Google can lead to a malicious link draining crypto wallets.
- The scam uses a domain similar to Soneium but redirects users to a fraudulent site.
- Over $46 million in crypto was stolen via phishing scams in September alone.
Phishing Scam Targets Soneium Search on Google
⚠️ Searched for Soneium on Google, clicked a phishing ad.
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) October 22, 2024
After connecting your wallet and signing a phishing signature, your assets disappeared… 😱💸 pic.twitter.com/5Hpi9OTZ4S
Web3 security firm Scam Sniffer has issued a warning about a phishing scam on Google that targets users searching for Sony’s blockchain, Soneium. According to a report shared by the firm, a misspelled search query can result in users being redirected to a malicious site designed to drain cryptocurrency wallets.
Scam Sniffer detailed the situation in an October 22 post on X (formerly Twitter), revealing that a search for “someium,” a typo of Soneium, led to a sponsored ad that redirected users to a fraudulent website. This site contained a hidden crypto wallet drainer, a tool that can steal funds from unsuspecting users.
In the post, Scam Sniffer emphasized how easy it is for phishing to occur when users are not paying close attention. “Phishing always happens when you’re not paying attention, even if you mistakenly spell ‘soneium’ as ‘someium,’” the firm noted.
Although Cointelegraph attempted to replicate the search results, they were unsuccessful. However, Scam Sniffer shared the phishing link, which differed slightly from Soneium’s legitimate domain. The malicious page appeared as an incomplete landing page for a radiology service based in the UK, further concealing its true purpose.
Google’s Response and Broader Phishing Threats
Scam Sniffer explained that the scam involved sophisticated methods to evade detection by Google’s security systems, making it hard to spot unless specific users were targeted. At the time of reporting, Google had not yet responded to requests for comment on the matter.
This is not the first time that scammers have exploited Google Search ads to target cryptocurrency users. In April, Scam Sniffer reported that over $4 million had been stolen within a few weeks from users who clicked on malicious phishing websites promoted via Google ads. Scammers often register domain names closely resembling those of well-known crypto brands and protocols, which can trick users into thinking they’re visiting legitimate sites.
Soneium, Sony’s Ethereum layer-2 blockchain, was launched in testnet mode in August 2024 as part of a collaboration between Sony Block Solutions Labs and blockchain company Startale Labs. Its growing popularity makes it a prime target for phishing attacks, particularly those exploiting common typos.
Phishing scams in the crypto space have become increasingly prevalent. In September 2024 alone, over $46 million worth of cryptocurrency was stolen from 10,800 victims, according to Scam Sniffer. In the third quarter of 2024, phishing scams targeting Ether wallets were particularly successful, with a total of $127 million worth of crypto assets stolen during that period.
As blockchain technology continues to advance and attract more users, scams targeting unsuspecting investors are also evolving. To protect against such attacks, it’s essential for users to double-check URLs before clicking, avoid sponsored ads when conducting searches, and use browser tools that flag suspicious websites.
