Important takeaways
- Fraudsters use fake Google ads to imitate the standard protocol and steal crypto assets.
- Users are advised to manually verify URLs to ensure authenticity and avoid fraud.
Scam Sniffer analysts have identified fraudulent Google ads posing as Usual Protocol that redirect users to fake websites designed to steal crypto assets.
🚨 WARNING: Watch out for scam ads on Google that pretend to be regular protocol.
These scam ads can steal your assets if you click on them and link the wallet and sign transactions. pic.twitter.com/E8OE2oaheh
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 28, 2024
The malicious ads appear at the top of Google search results when users search for “Common Protocol”, placing themselves above the legitimate website. These ads mimic Usual Protocol’s branding and language to appear authentic. This placement potentially drives users to click through as many tend to click on the first results they see.
Victims who click on these deceptive ads are directed to a fake website that attempts to access their digital assets through two primary methods: requesting wallet connections from services such as MetaMask or Trust Wallet, and prompting users to sign malicious transactions that transfer assets to fraudsters.
Fraudsters are increasingly using Google’s advertising platform to create malicious ads that direct users to fake websites. They often bid on keywords related to popular wallets and platforms, creating ads that closely mimic legitimate services.
When users click on these ads, they are redirected to phishing websites that appear authentic but are designed to collect sensitive information such as wallet passphrases.
Earlier this week, Scam Sniffer reported a similar scam targeting Pudgy Penguin users through malicious Google ads containing suspicious JavaScript code that detects crypto wallets.
🚨 Urgent SECURITY ALERT 🚨
1/6 A user reported being redirected to a fake one @pudgypenguins website via a Singapore news portal. Our investigation revealed that this is part of a larger malicious advertising campaign. pic.twitter.com/Izv3f87WrX
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 25, 2024
When these scam ads identify a crypto wallet, users are redirected to spoofed versions of legitimate platforms where fraudsters can collect personal information or gain unauthorized access to funds through wallet connections.
Users are advised to always verify URLs directly and never connect their crypto wallet to a website they are not 100% sure is legitimate.
