Cryptocurrency enthusiasts: phishing scams are no longer just for email.
In a new scam, criminals are manipulating online advertising to target cryptocurrency users looking for the digital currency “wallet” apps MetaMask and Phantom, according to cybersecurity firm Check Point Research. Scammers bid on keywords in Google Ads to lure cryptocurrency enthusiasts to fake versions of the websites, according to a Check Point investigation.
The effectiveness of the scam and the challenges involved in proving fraud reveal some of the downsides to anonymous digital savings that can be accessed by anyone with the right code.
The Google ad phishing scam could potentially have led to the theft of at least $500,000 in cryptocurrency in November, according to Check Point. It is often difficult to calculate the extent of fraud because not everyone affected reports such incidents.
Representatives for MetaMask, Phantom, and Google did not respond to requests for comment.
How does the deception work?
Cryptocurrency holders must have access to a long string of numbers that identifies their holdings on a decentralized ledger known as the blockchain. Some people store these numbers as hard copies. Many store them in online “wallets” provided by cryptocurrency exchanges and specialized apps such as MetaMask and Phantom.
Most cryptocurrency holders first buy the cryptocurrency and hold it in brokerage-style accounts on websites like Coinbase or Robinhood. However, there are certain things, such as buying non-fungible tokens (NFTs), that cannot be done on these platforms. Therefore, some enthusiasts are moving their crypto holdings to more flexible applications, including MetaMask, which specializes in storing Ethereum-linked tokens and enabling NFT purchases, and Phantom, which specializes in applications for the cryptocurrency Solana. Both sites allow cryptocurrency to be transferred from other platforms to their wallets.
During November, Google searches for MetaMask and Solana were answered, in part, by ads with links to lookalike websites, according to Check Point.
If a user inadvertently clicked on the link, they entered an elaborate simulation of the real websites, like a digital version of the “Ocean’s Eleven” caper. A screenshot taken by Check Point, for example, shows a link named Phanton.app, which is a single keystroke away from the legitimate URL of Phantom.app. Once the user clicked the link, the web design, as shown in more Check Point screenshots, was an exact replica of the real site. Even the tech support instant-message pop-ups, according to Check Point, were carefully matched to the site’s legitimate web design.
Once on the dummy Phantom or MetaMask website, users were walked through the account creation process. The language of the prompts made it appear that the user was creating an entirely new wallet, but they were actually preparing new passwords for an existing Phantom or MetaMask wallet, one that the scammers controlled. When it came time to fund the wallet, the fake website linked back to the bona fide website. Scammers could then instantly take any cryptocurrency transferred to the “new” wallet.
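The Phanton.app link described above differs from Phantom.app by one character, which is the kind of near-miss an edit-distance check can flag before a link is followed. The sketch below is an added example, not code from Check Point or Money; the allow-list, the `classify` helper and the distance threshold are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Domains to protect. phantom.app is named in the article;
# metamask.io is an assumption added for this example.
LEGIT_DOMAINS = {"phantom.app", "metamask.io"}

def osa_distance(a: str, b: str) -> int:
    """Edit distance counting inserts, deletes, substitutions and adjacent swaps."""
    rows = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        rows[i][0] = i
    for j in range(len(b) + 1):
        rows[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            rows[i][j] = min(rows[i - 1][j] + 1,         # delete
                             rows[i][j - 1] + 1,         # insert
                             rows[i - 1][j - 1] + cost)  # substitute
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                rows[i][j] = min(rows[i][j], rows[i - 2][j - 2] + 1)  # swap
    return rows[-1][-1]

def hostname(link: str) -> str:
    """Lower-cased host of a URL or bare domain, without a leading 'www.'."""
    host = urlsplit(link if "//" in link else "//" + link).hostname or ""
    return host[4:] if host.startswith("www.") else host

def classify(link: str, legit=LEGIT_DOMAINS, max_distance: int = 2):
    """Return (verdict, domain): 'legitimate', 'lookalike' or 'unknown'."""
    host = hostname(link)
    for domain in legit:
        # Exact match or a true subdomain of a protected domain.
        if host == domain or host.endswith("." + domain):
            return "legitimate", domain
    closest = min(legit, key=lambda d: osa_distance(host, d))
    if osa_distance(host, closest) <= max_distance:
        return "lookalike", closest  # near miss: treat as suspected phishing
    return "unknown", None

if __name__ == "__main__":
    # Constructed sample links; only Phanton.app comes from the article.
    for link in ["https://Phanton.app/", "https://www.phantom.app/", "example.com"]:
        print(link, classify(link))
```

A check like this only covers near-miss spellings of domains already on the allow-list; it does not replace typing the address directly or using a saved bookmark.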
End of the year nightmare
A Texas man who fell prey to a similar MetaMask scam in late November lost about $50,000 in bitcoin after a fake help agent broke into his Coinbase account. (Money agreed not to publish his name because he was a crime victim.)
His problems did not end there. He said he had nightmares about the experience. He has spent much of the holiday season filing reports with the Federal Trade Commission and the FBI, and worries that he will struggle to prove that he is no longer in control of the cryptocurrency, potentially leaving himself vulnerable to capital gains tax.
“I just feel like this [fool],” the man from Texas told Money.
© Copyright 2021 Ad Practitioners, LLC. All rights reserved.
This article originally appeared on Money.com and may contain affiliate links for which Money is compensated. The opinions expressed in this article are those of the author alone, not those of a third party, and have not been reviewed, approved, or otherwise endorsed. Offers may be subject to change without notice. For more information, read Money’s full disclaimer.
The views and opinions expressed here are those of the author and do not necessarily reflect the views and opinions of Nasdaq, Inc.