Decoding the New Wave of Phishing Attacks in the Web3 Space

Web3 introduces a new era of the internet, characterized by decentralized networks that leverage blockchain technology. However, along with these advancements comes a familiar threat: phishing attacks. Evolving from Web2 to Web3, phishing has adapted to this new ecosystem, continuing to pose a significant threat.

A Costly, Growing Threat

Phishing attacks in Web3 often involve fraudulent schemes designed to deceive users into revealing sensitive information, such as private keys or access to digital assets. Even high-profile projects are susceptible to these attacks.

On January 27, 2023, the official Azuki Twitter account, with hundreds of thousands of followers, fell victim to a devastating phishing attack. Hackers impersonated official admins and shared a malicious link to a fake land-minting site, which was actually a wallet drainer. In less than an hour, over $700,000 worth of digital assets was stolen.

Another notable case is the Circle impersonation scam, where attackers posed as representatives from Circle, a major stablecoin issuer, to deceive users into connecting their wallets to malicious sites. On February 21, 2024, a fake announcement about a USDC airdrop was posted on Discord, luring users with promises of free tokens. Those who clicked the link and connected their wallets had their funds drained immediately.

Identifying Phishing Red Flags

While phishing attacks in Web3 extend familiar social engineering tactics to exploit human weaknesses, several telltale signs can help users and project owners protect themselves:

1. Unsolicited Messages: Be cautious of unexpected messages, especially those requesting sensitive information. In the Azuki case, attackers sent unsolicited messages to followers, posing as official representatives.
2. Suspicious URLs: Always double-check URLs before clicking. Phishing links often mimic legitimate websites but with slight alterations that can easily go unnoticed.
3. Impersonation: Verify the identity of anyone claiming to be an admin or representative of a project. Attackers often create fake profiles that closely resemble legitimate ones.
4. DNS Attacks: Pay attention to any sudden changes in the DNS settings of a project's website. Attackers may hijack DNS records to redirect users to phishing sites that appear identical to the legitimate site.

Unique Challenges in Combating Phishing in Web3

Web3's reliance on blockchain technology, which prioritizes anonymity, presents a significant challenge for users in verifying and distinguishing between legitimate and fake identities, even for those with prior security awareness.

According to research from Anti-Phishing Working Group (APWG), scam and phishing activities have been increasing year over year. As hackers continue to innovate, the methods employed grow more complex—such as exploiting smart contract vulnerabilities or using deepfake technology to impersonate well-known figures in the crypto space.

Both users and project owners alike need an automated, intelligent system to continuously monitor, detect, and respond to phishing threats swiftly. This is where MAMORI delivers exceptional value, helping users avoid falling victim to these traps.

How MAMORI Protects Against Phishing

MAMORI is a Web3 risk intelligence platform designed to protect users and their digital asset portfolios from high-risk crypto events, including phishing schemes. It uses a multi-dimensional approach to detect risks within the noise-filled Web3 ecosystem.

For example, during the Circle impersonation scam on February 21 2024, MAMORI's Monitoring tool, which consistently tracks all official social media announcements, identified the scam. Its AI-powered analytics then successfully flagged a suspicious airdrop announcement with a high-risk relevance index, triggering MAMORI SmartRadar to send instant alerts to users.

Moreover, MAMORI offers a holistic cybersecurity assessment tool powered by the leading cybersecurity firm, Cymetrics. This additional layer of protection monitors all domains associated with Web3 projects, keeping users informed about their domain infrastructure status, including suspicious DNS alterations, which are often linked to phishing attacks.

Get Started with 14-day Free Trial

Phishing attacks remain a significant security threat, and with advancements in technology like deepfakes, we foresee even more novel tactics employed by hackers. MAMORI provides comprehensive risk intelligence and 24/7 monitoring to enable proactive risk management and informed decisions to protect digital assets in the world of Web3.

Sign up now to explore MAMORI's full spectrum risk monitoring capabilities.