Approval phishing scams involving elements of online romance fraud have drained victims of at least $374 million in cryptocurrency losses so far in 2023, according to new research from blockchain analytics firm Chainalysis.
The technique, which involves tricking targets into signing malicious blockchain transactions, has been exploited by crypto criminals to steal approximately $1 billion since May 2021, Chainalysis found. However, the actual figures are likely significantly higher given romance scams are often under-reported.
While substantial, the $374 million phished this year marks a 27 percent decline from 2022 levels when such schemes generated $516.8 million in illicit funds. The reduced activity could be attributed to waning crypto prices dampening scam pitches promising outsized returns, Eric Jardine, Cybercrime Research Lead at the firm, told Arabian Business.
Still, romance tactics appear to boost approval phishing success by building trust between scammers and victims. Through developing personal relationships, fraudsters more easily convince targets to sign transactions unwittingly granting access to digital wallets.
“Romance scams are more about building a personal relationship with the victim, and the scammer convincing them that they care about the victim. That kind of emotional pitch is probably still effective regardless of trends in the wider market, because the victim now trusts the scammer,” said Jardine.
Mapping networks of scammers
To track the growing phenomenon, Chainalysis developed a dataset in May 2021 flagging known approval phishing addresses and networks. The firm identified 1,013 scam-linked addresses that ultimately facilitated the $1 billion theft.
Drilling into last year’s figures, Chainalysis found the fraudsters peaked in May 2022 when $258 million was siphoned. The costliest single case drained $44.3 million from thousands of victims via a single address, accounting for 4.4 percent of total stolen funds.
The analysis also unearthed geographical correlations, with operations frequently traced to Southeast Asia and parts of Africa. However, Jardine stressed scammers can theoretically operate from anywhere as blockchain activities are pseudonymous.
To rein in scammers, Chainalysis is advocating awareness campaigns warning users only to sign transactions with fully trusted parties. Complementing education, the firm proposes blockchain surveillance tactics.
Exchanges in particular play a key role. By monitoring known scam-linked addresses, platforms can flag large outgoing flows in real-time and respond preemptively such as freezing accounts under investigation. Combined with law enforcement reporting, this “pattern recognition” disrupts criminal cashouts, Jardine explained.
“It’s important to note that funds are typically moved from consolidation addresses to cash out points — primarily centralised exchanges. Keeping this in mind, exchange compliance teams could monitor the blockchain for suspected approval phishing consolidation wallets with heavy exposure to destination addresses,” he said.
The full Chainalysis Crypto Crime Report will be released in early 2024 to reveal more in-depth insights. However, preliminary findings offer additional context. The 10 most successful approval phishing addresses comprised 15.9 percent of all stolen value from May 2021 onwards. Meanwhile, just 73 addresses laundered over half the $1 billion total.
This heavy concentration underscores the outsized damages possible from only a handful of highly active scam groups. With decentralised finance penetration growing across regions like the Middle East and North Africa, educating consumers on fraud risks is increasingly important to curb cryptocurrency’s illicit uses.
For victims and authorities seeking redress, identifying and apprehending leaders of the most prolific networks could have an outsized deterrent effect on the increasingly borderless crime of approval phishing. As always, followers remain wary the tactics may evolve in response to such countermeasures.
Follow us on
