Malicious airdrops
A malicious airdrop is a type of cryptocurrency scam where the attacker sends a fake airdrop to the target, through social media or email. An airdrop is when a crypto protocol issues a token or currency to its users.
The offer may appear to come from a reputable source, such as a well-known cryptocurrency exchange or project. The target is then asked to provide personal information or to send a small amount of cryptocurrency to an address to claim the airdrop.
Here are some examples of malicious airdrops:
Fake ICO airdops
The attacker creates a fake ICO and claims to be giving away free tokens through an airdrop. The target is then asked to provide personal information and to send a small amount of cryptocurrency to an address to receive the tokens.
Here is an example. A quick check can show you that this is not the Aribitrum account, the real account goes by @arbitrum not @ArbitrumToken, then check the url, the fake account has arbitrum[.]bio, and the real account has arbitrum[.]io.
Image: 1 - Fake Account Impersonating Arbitrum
Image: 2 - Real Arbitrum Account
Next you can see it is promising crazy returns (200% bonus).
Image 3: Promises 200% Returns
Airdrops with hidden conditions
In this type of scam, the airdrop offer appears to be legitimate, but with hidden conditions. For example, the target may have to share the offer with a certain number of friends on social media to receive the airdrop.
Airdops with malicious links
In this type of scam, the attacker sends an airdrop offer that contains a malicious link. When the target clicks on the link, the link will take them to a fake website that asks for personal information or to download a malicious file.
To avoid falling victim to digital currency scams, it's important to be careful and to ignore all unsolicited airdrop offers. When in doubt, always do research into the source first!
It's important to be cautious of any unsolicited airdrop offers and to thoroughly research the source before providing any personal information or funds.
Interested in Learning more? Since early 2022 Loyalist / Lukas / Shibango has stolen an estimated $4m+ worth of crypto and NFTs through running phishing scams on Twitter and by collaborating with other known phishing scammers.
Take a deep dive with investigations by @zachxbt to learn more how they were able to pull off these scams.
https://zachxbt.mirror.xyz/chj355oHn5PcRIc53pQpdDEkQAlC-E6k37oE3w619HY.
Sources:
The Ultimate Guide to Airdrops (https://blockgeeks.com/guides/airdrops/)
What is a Malicious Airdrop and How to Protect Yourself https://www.mycryptopedia.com/what-is-a-malicious-airdrop/)
Shop Feathers and Threads today
By supporting Feathers & Threads, you are contributing to a global effort to defend decentralized finance and the digital rights of all people.
