Crypto Scam Alert: Phishing Attack Targets Google Users Searching for Sony’s Blockchain
A simple typo on Google could lead to a devastating crypto loss, according to security firm Scam Sniffer. The company has warned that a malicious link, disguised as a legitimate website for Sony’s blockchain project Soneium, could steal users’ cryptocurrency if they aren’t careful. The phishing scam preys on Google users who mistakenly search for “someium” instead of the correct spelling, “Soneium.”
Scam Sniffer reported on October 22 that a sponsored ad on Google related to Soneium leads to a dangerous site that contains a crypto wallet drainer—a tool designed to siphon funds from connected wallets. This warning serves as a reminder that phishing scams can occur when users least expect them, often exploiting small, easy-to-make mistakes, like misspelling a name.
How the Scam Works: The Danger of Typos
The malicious ad appears in Google Search results when a user enters a misspelled version of Soneium—a blockchain project from Sony Block Solutions Labs. This slight mistake brings up a link to a fraudulent website that looks like a legitimate page for the Soneium blockchain, but in reality, it’s a phishing trap.
Scam Sniffer’s team explained in an October 22 post that the phishing site was particularly deceptive because it used a domain suffix different from the official Soneium website, making it easy to miss. The site itself looked like an incomplete and unrelated landing page for a British radiology service, further confusing the user.
“The phishing always happens when you’re not paying attention, even if you mistakenly spell ‘Soneium’ as ‘Someium,’” Scam Sniffer said.
A Deceptive and Hard-to-Detect Scam
The security firm also noted that the website’s creators employed specific techniques to hide the malicious page from Google’s detection algorithms. This made it harder for the search engine to flag the fraudulent ad. As Scam Sniffer explained, “It’s hard to see unless you are targeted, and that’s why Google couldn’t know [about] it.”
The phishing scam relied on the user clicking on an ad with a slightly altered domain name, making it difficult for even cautious individuals to recognize the danger immediately. Once the user landed on the site, they were at risk of connecting their cryptocurrency wallet to a wallet-draining application, potentially losing their funds in a matter of seconds.
The Ongoing Threat of Crypto Phishing
This is not the first time Scam Sniffer has raised concerns about phishing attacks targeting crypto users. Earlier this month, the firm reported that over $46 million in crypto was stolen from 10,800 victims through phishing scams in September alone. In total, more than $127 million in crypto was taken from investors during Q3 2024, with Ethereum wallets being the primary target of these attacks.
Phishing scams are a major concern for the crypto community, and they continue to evolve in sophistication. In April 2024, Scam Sniffer revealed that over $4 million had been stolen in just a few weeks from users who fell victim to malicious phishing websites promoted on Google Search. These scams typically involve domain names that are strikingly similar to official crypto brands, with only minor alterations—such as swapped letters or additional characters—that are difficult for users to notice.
What Can You Do to Protect Yourself?
To protect yourself from falling victim to these types of scams, Scam Sniffer recommends a few basic safety practices:
- Double-check the URL: Always verify the URL before clicking on any link, especially in sponsored ads. Look out for small discrepancies in domain names or extensions that could signal a phishing attempt.
- Use a wallet with anti-phishing protection: Some crypto wallets have built-in features that detect phishing attempts or alert users when they connect to suspicious sites.
- Be cautious with Google ads: Be extra careful when clicking on ads in Google Search, especially if you’ve misspelled a search term. Scammers often target common typos to appear as legitimate results.
- Stay updated on phishing trends: Follow crypto security firms and blogs to stay informed about the latest phishing tactics and scam alerts.
Conclusion: Be Vigilant in the Crypto Space
While the Sony blockchain Soneium itself is legitimate, this scam highlights the risks that crypto users face daily. With phishing attacks on the rise, particularly those targeting Google search results, it’s essential to remain vigilant and cautious when navigating the web.
As phishing techniques continue to evolve, it’s crucial for crypto users to stay educated and use all available tools to protect their digital assets from fraud. Be cautious, check your URLs carefully, and always stay one step ahead of the scammers.
