A majority of the phishing attacks recorded have been conducted on social media platforms that do not have account verification features.
As Web3 adoption goes further and more beginners enter the space, hackers are becoming more active, with more phishing attacks being recorded in the latest quarter of 2022 and social media being noted as a major platform of choice for conducting the hacks.
In the quarterly report of security firm Certik, the team has found a 170% increase in phishing attacks in the second quarter of 2022. According to the security firm, 106 attacks were recorded in the first quarter, while 290 events were noted in the next quarter.
According to the blockchain security firm, most phishing attacks have been conducted on social platforms like Discord and Telegram, which don’t have account verification features like Twitter. Because of this, malicious individuals are able to copy accounts of projects and prominent individuals while baiting their victims with giveaways and other offers.
Like Web2 attacks, Certik highlighted that hackers are counting on human error as a starting point for this type of attack. To combat this, the security firm mentioned that community education plays a crucial role. Educating new community members on how to avoid hacks and scams can increase people’s awareness and vigilance against phishing attacks.
Related: CertiK shares security tips following third BAYC security compromise in six months
Earlier this week, the official social media accounts of the British Army were taken over by crypto scammers. The attackers shared phishing links, promoted crypto scams and advertised fraudulent nonfungible token (NFT) collections using the official page of the army. Hours after the breach, officials were able to recover the accounts and delete the hackers’ posts.
In April, Bored Ape Yacht Club (BAYC) NFTs were stolen after the project’s official Instagram account was taken over by attackers. Reports estimated that there may have been $40 million worth of assets lost in the attack.