A wave of phishing emails promoting token airdrops is exploiting the names of prominent Web3 firms like WalletConnect and Token Terminal, among others. These deceptive emails have led to scammers pilfering more than $580,000 from unsuspecting victims in an ongoing hacking and phishing campaign.
Cryptocurrency investigator ZachXBT highlighted a multichain address on Telegram where the stolen cryptocurrency, totaling over $580,000, has been aggregated since the onset of the phishing emails. The address holds a variety of 280 different cryptocurrency tokens, with Ether constituting 86% of the wallet’s portfolio.
WalletConnect issued a warning on social media, acknowledging the phishing emails that encourage users to click on a malicious airdrop link. Meanwhile, users of Web3 SocialFi and the antivirus app De.Fi are also under attack, receiving emails promoting a launchpad launch and enticing them with a link to an airdrop. The attackers have even fabricated a fake Token Terminal beta launch, luring recipients with a button to claim a non-existent airdrop.
Crucially, the email addresses used by the attackers closely resemble the legitimate addresses of the targeted companies, making it challenging for recipients to discern the phishing attempts.
Investors are strongly advised to exercise caution when interacting with unexpected emails proclaiming airdrop announcements to avoid falling victim to these phishing attacks.
