Phishing sites in DuckDuckGo searching for Etherscan put traders at risk

Google’s privacy-focused competitor, DuckDuckGo, has been showing phishing sites when searching for "Etherscan" – a popular platform for Ethereum block research and analysis. This poses significant financial risks for cryptocurrency investors.

Scam Sniffer, a company specializing in combating fraud in Web3, warned DuckDuckGo users about a phishing attack targeting ETH investors.

How the phishing scheme works

After users click on one of the fake websites, they are prompted to connect their MetaMask wallets. The interface looks just like the official Etherscan site, which is misleading. By agreeing to connect, the victim allows the hacker to withdraw funds from their wallet without additional authorization.

The attackers also attempt to boost the ranking of fraudulent sites in other popular search engines such as Google and Bing. Some scammers try to deceive search algorithms to gain organic rankings, while others use sponsored ads to lure victims.

Consequences for users

Scam Sniffer highlighted a recent incident where a user lost over $520,000 in digital assets by clicking on a phishing link. According to the research company, over 9,100 victims lost around $63 million to crypto phishing scams in August.