Cryptocurrency romance scammers have recently employed a novel tactic known as targeted approval phishing, as outlined in a December 14 report by Chainalysis. This technique has witnessed significant growth over the past two years, resulting in suspected stolen crypto amounting to at least $374 million in 2023.

Chainalysis researchers reveal details of the new method

Approval phishing involves duping victims into signing transactions that grant scammers access to their wallets, enabling them to siphon off funds. While this is not a new concept, Chainalysis has observed a surge in the use of this technique by pig-butchering scammers. Pig butchering scams typically commence on dating sites, where scammers establish connections with victims and gradually build trust over an extended period. These scammers employ various tactics to convince victims to part with their money, often through elaborate fake investment schemes.

The term “pig butchering” stems from scammers metaphorically “fattening up” the target over time to extract maximum funds before making their move. The recent approval phishing method marks a departure from the traditional approach employed by crypto pig-butchering scammers, according to insights from Chainalysis’ cybercrimes research lead, Eric Jardine. Jardine explained that traditional romance scams, also known as pig-butchering scams, unfold gradually.

Once trust is established, scammers introduce victims to a supposed crypto investment website, sharing fabricated personal success stories. Victims are then systematically coached over weeks or months on using these fake sites, ultimately convincing them to invest as much as possible. The unraveling of the scam typically occurs when the victim becomes suspicious or the scammer believes they have maximized the victim’s potential.

Limited success and the need for user education

In contrast, the newer approval phishing method streamlines the process by only requiring scammers to convince victims to sign a transaction, allowing for a swift drain of their funds. MetaMask’s lead product manager, Taylor Monahan, identified over a thousand addresses associated with targeted approval phishing scams, estimating a total theft of $1 billion from victims since May 2021. One notable challenge in addressing these issues is the underreporting of romance scams, making it difficult to gauge the true extent of the problem.

Chainalysis acknowledged the reported figure of $374 million could be significantly lower than the actual number of incidents, reflecting the reluctance of victims to come forward. Moreover, the firm emphasized that one of the most successful approval phishing addresses is estimated to have profited $44.3 million from thousands of victim addresses. The concentration of success among a few scammers is evident in the ten largest approval phishing addresses, collectively accounting for nearly 16% of all the value stolen during the studied period.

Chainalysis concluded its report by suggesting that the cryptocurrency industry could benefit from proactive measures to educate users. Such initiatives would emphasize the importance of not signing approval transactions unless users are confident in the trustworthiness of the entity on the other side. Empowering users with knowledge and caution can play a crucial role in safeguarding against evolving crypto scams.