A zero transfer phishing attack recently orchestrated by a scammer resulted in the theft of $20 million worth of Tether (USDT) on August 1.
The incident unfolded when the scammer managed to get hold of 20 million USDT from the victim’s address, which was identified as 0x4071…9Cbc.
The victim intended to send the money to address 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570, but due to the scammer’s cunning manipulation, it was redirected to a phishing address, 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570.
The scammer’s ploy started with the victim’s wallet receiving $10 million from a Binance account. After sending it to another address, the victim unknowingly fell prey to the scammer’s trickery.
The scammer initiated a fabricated Zero USDT token transfer from the victim’s account to the phishing address.
When the victim later attempted to transfer 20 million USDT, they mistakenly believed they were sending it to their desired address.
However, they were, in fact, transferring the amount to the scammer.
Upon discovering the scam, Tether promptly blacklisted the victim’s wallet, raising concerns about the swiftness of the issuer’s response.
READ MORE: Liquid Staking Tokens Poised to Dethrone Ethereum’s Ether (ETH) as Dominant DeFi Asset
The success of this type of phishing attack is partially attributed to the common practice among users of only checking the first or last five digits of a wallet address, rather than verifying the entire address. This oversight causes them to send assets to a phishing address unknowingly.
The mechanics of the zero transfer scam can be explained as follows: When a victim sends a certain amount of coins to an address for an exchange deposit, the attacker duplicates a similar-looking address under their control.
They then execute a transaction for zero coins from the victim’s wallet to this mimic address.
When the victim reviews their transaction history, they might mistake the phishing address for the actual deposit address and proceed to send their coins to it.
Unfortunately, such zero transfer phishing scams have become increasingly common within the cryptocurrency ecosystem over the past year.
In fact, the first known instance of this type of scam occurred in December 2022, and it has since caused losses exceeding $40 million due to various reported attacks.
In conclusion, the prevalence of zero transfer phishing attacks highlights the need for increased vigilance and awareness among cryptocurrency users.
By verifying complete wallet addresses and staying informed about emerging scam techniques, users can better protect their digital assets from falling into the hands of malicious actors.
Additionally, issuers and platforms within the crypto industry should continue to develop robust security measures to mitigate the impact of these scams and safeguard their users’ funds.
Other Stories:
BNB Smart Chain (BSC) Hit by Copycat Attacks
Bitcoin’s Reduced Volatility Sparks Anticipation for Exciting Long-Term Bull Signal
SEC Chairman Gary Gensler Raises Alarm Over Widespread Fraud in Crypto Market
