Chainalysis: Approval Phishing Scams Cause $1 Billion Loss

Approval Phishing Gains Traction

Blockchain analysis firm Chainalysis has just released a report on approval phishing scams. The data shows that at least US$474 million (AU$558 million) in user funds has been stolen in 2023 alone through something called approval phishing.

Approval phishing is a scamming technique that has seen an increase for years. Unlike traditional crypto scams where victims are tricked into sending crypto to scammers, in approval phishing, scammers deceive users into signing a blockchain transaction that grants the scammer’s address the right to spend specific tokens in the victim’s wallet.

This allows scammers to drain tokens from the victim’s address whenever they choose. Originally widespread in the crypto community through fake apps, this method has been increasingly adopted by romance scammers, often leading to substantial financial losses for victims. It’s also noteworthy that the scammers typically transfer the victim’s funds to a different wallet than the one they used to gain transaction approval.

Chainalysis said that since recording data for this specific issue, which began in May 2023, users have lost a combined US$1 billion (AU$1.49 billion).

How Does it Work?

Decentralised apps (dApps) on blockchains like Ethereum often require users to grant approval transactions to their smart contracts, allowing them to move funds. While this is safe with secure dApps, as they only use approvals when directed by the user or for the dApp’s normal function, approval phishers exploit this common practice. They deceive users into signing transactions that grant extensive permissions to untrustworthy parties. Chainalysis reports one scam involved a fake story about a Uniswap phishing scam and a bogus Etherscan page, leading users to connect their wallets and unknowingly sign a malicious approval transaction.

Approval phishing has evolved, with scammers increasingly targeting specific individuals, often using romance scam tactics to build relationships and convince victims to sign transactions. Metamask’s Taylor Monahan tracked such scams using a custom Dune Analytics dashboard. Starting from a list of known romance scam-related addresses, a larger network of approval phishers was identified by connecting addresses with similar transaction patterns.

What Can Be Done to Prevent Approval Phishing?

The approval phishing scam problem can be tackled through various strategies, including user education and the use of pattern recognition tactics. The typical components of these scams involve:

Funds are usually moved from linked addresses to cash-out points, often centralised exchanges. By recognising these patterns, exchange compliance teams can monitor the blockchain for suspected consolidation wallets heavily linked to destination addresses.

When these wallets transfer funds to an exchange, the exchange can respond proactively by freezing the funds or alerting law enforcement.

Moreover, a broader industry effort to educate users is crucial. Users need to be cautious about signing approval transactions, ensuring they fully trust the recipient and understand the level of access they are granting. This education can significantly reduce the success rate of such phishing scams, Chainalysis concludes.