Zero-Transfer Phishing Losses Surge to 451M USDT on Tron Network: Data
Zero-transfer phishing scams have continued to plague the crypto space, with bad actors siphoning millions of digital assets from unsuspecting victims.
Blockchain analytics platform Bitrace revealed that the damage scale for zero-transfer phishing scams has increased significantly, with market participants losing more than 451 million Tether (USDT) on the Tron network.
Investors Lose $451M USDT to Phishing on Tron
Zero-transfer phishing is a new scamming technique that allows attackers to target a victim’s transaction history by confirming zero-value transactions from the user’s wallet. They do not need the user’s private key; the attackers have to send transactions of zero value, and their addresses would appear in the user’s transaction history.
Scammers often use addresses similar to the ones the victim has sent tokens to, beginning and ending with the same set of characters. Crypto users who fall for the scam mistakenly copy and paste the attacker’s address from their transaction history, set them as the transfer recipient, and send their assets to them.
Besides the 451 million USDT lost on the Tron network, there have been several reports of large losses to phishing scams on other blockchains. Last month, an unsuspecting crypto exchange Kraken wallet user suffered a 4.46 million USDT loss as they transferred the assets to a phishing address. The incident took place on the Ethereum blockchain.
More Losses to Phishing Scams
A day before the 4.46 million USDT theft, crypto trading tool None had to shut down operations after a phishing attack. The None deployer lost 41.52 ether (ETH) and 11,7000 NONE tokens collectively worth $76,500 to a phishing address.
Similarly, a prominent crypto whale lost $24.23 million in liquid-staked Ethereum to phishing scammers despite having extensive on-chain experience. The incident is considered one of the most significant crypto phishing attacks in recent times.
Meanwhile, USDT issuing company Tether once froze $20 million USDT, which a user had mistakenly sent to a phishing scammer in August.