ScamSniffer：11 月網路釣魚詐騙造成 938 萬美元損失，影響超過 9,200 人

最大單筆損失為 stETH 661,000 美元。這一切發生在幾分鐘之內，這表明這些詐騙的速度有多快、有多危險。

Phishing scams caused crypto users to lose $9.38 million in November, according to ScamSniffer. This marks a significant decrease compared to October’s losses of over $20.2 million. However, despite the drop in total losses, the number of victims affected remains concerning.

據 ScamSniffer 稱，11 月網路釣魚詐騙導致加密貨幣用戶損失 938 萬美元。與 10 月超過 2,020 萬美元的損失相比，這標誌著顯著減少。然而，儘管總損失有所下降，但受影響的受害者人數仍然令人擔憂。

Major Crypto Losses Incurred Last Month

上個月發生的重大加密貨幣損失

Several large losses occurred due to phishing scams in November:

11月份因網路釣魚詐騙造成了幾起重大損失：

The largest single loss was $661,000 in stETH, which was stolen in a matter of minutes.

單筆最大損失是 661,000 美元的 stETH，幾分鐘內就被盜。

Another substantial loss of $409,000 in WBTC was reported on the Arbitrum network.

Arbitrum 網路報告稱 WBTC 又遭受了 409,000 美元的巨額損失。

Scammers also managed to steal $344,000 in FET through Ethereum’s Uniswap platform.

騙子還透過以太坊的 Uniswap 平台竊取了 344,000 美元的 FET。

Additionally, a direct transfer on the Ethereum network resulted in the loss of $220,000 in USDT.

此外，以太坊網路上的直接轉帳導致 USDT 損失 22 萬美元。

Most of these major losses were incurred through malicious signature requests. These scams typically trick users into approving harmful transactions, which allows scammers to quickly siphon off the funds. According to ScamSniffer, this method serves as the “deadliest weapon” used by attackers.

這些重大損失大部分是由於惡意簽署請求造成的。這些騙局通常會誘騙用戶批准有害交易，從而使詐騙者能夠快速吸走資金。據 ScamSniffer 稱，這種方法是攻擊者使用的「最致命的武器」。

Total Losses Decreased, but Risks Persist

總損失減少，但風險仍存在

The total losses reported in November are significantly lower than the staggering $20.2 million lost in October. September also saw even higher losses of $45.8 million. However, despite this drop in total losses, the number of victims affected by phishing scams is still alarmingly high.

11 月報告的總損失明顯低於 10 月高達 2,020 萬美元的損失。 9 月的損失甚至更高，達 4,580 萬美元。然而，儘管總損失有所下降，但受網路釣魚詐騙影響的受害者數量仍然高得驚人。

ScamSniffer also observed a shift in phishing techniques. While the Inferno Drainer scam, which plagued the Arbitrum network for several months, has faded, a new attack method called Angel Drainer is now on the rise. This highlights how scammers are continually adapting their tactics to target crypto users.

ScamSniffer 也觀察到網路釣魚技術的變化。雖然困擾 Arbitrum 網路幾個月的 Inferno Drainer 騙局已經逐漸消退，但一種名為 Angel Drainer 的新攻擊方法現在正在興起。這凸顯了詐騙者如何不斷調整其策略來瞄準加密貨幣用戶。

A Broader Perspective on Phishing Scams

對網路釣魚詐騙的更廣泛視角

Phishing attacks have become a major problem in the crypto space. According to CertiK, a blockchain security firm, phishing scams resulted in the loss of $343.1 million in Q3 2023. These losses occurred across 65 separate incidents. During that period, CertiK identified phishing as the most damaging type of attack.

網路釣魚攻擊已成為加密貨幣領域的一個主要問題。據區塊鏈安全公司 CertiK 稱，網路釣魚詐騙在 2023 年第三季造成了 3.431 億美元的損失。在此期間，CertiK 將網路釣魚視為最具破壞性的攻擊類型。

Most victims are lured into these scams through fake accounts on X (formerly Twitter). These accounts typically impersonate well-known figures or crypto projects and direct users to phishing websites. Another common method involves Google ads, where scammers use fake advertisements to trick users into clicking on malicious links. Once on these phishing sites, victims are typically prompted to connect their wallets, which gives the attackers access to their funds.

大多數受害者是透過 X（以前稱為 Twitter）上的虛假帳戶被引誘進入這些騙局的。這些帳戶通常會冒充知名人物或加密項目，並將使用者引導至網路釣魚網站。另一種常見的方法涉及Google廣告，詐騙者使用虛假廣告來誘騙用戶點擊惡意連結。一旦進入這些網路釣魚網站，受害者通常會被提示連接他們的錢包，這使攻擊者能夠訪問他們的資金。

Understanding Why These Scams Work

了解這些騙局為何有效

The effectiveness of phishing scams largely stems from their ability to appear genuine. Scammers meticulously craft fake websites, advertisements, and emails to deceive users. These traps are designed to gain the trust of victims. Furthermore, many scams utilize malicious signature requests. Victims, thinking they are signing something safe, are actually approving a scam transaction.

網路釣魚詐騙的有效性很大程度上源於其看似真實的能力。詐騙者會精心製作虛假網站、廣告和電子郵件來欺騙使用者。這些陷阱旨在贏得受害者的信任。此外，許多騙局利用惡意簽名請求。受害者認為自己正在簽署安全的東西，實際上是在批准詐騙交易。

Even experienced crypto users can fall prey to these tactics. Scammers are known to modify their techniques to evade detection. As a result, phishing scams are among the most challenging threats to combat in the crypto space.

即使是經驗豐富的加密貨幣用戶也可能成為這些策略的受害者。眾所周知，詐騙者會修改他們的技術來逃避檢測。因此，網路釣魚詐騙是加密貨幣領域最具挑戰性的威脅之一。

Tips for Staying Safe from Phishing

防範網路釣魚的提示

In light of these scams, crypto users are urged to exercise caution. Always double-check any links before clicking on them. Be wary of suspicious advertisements or emails and never blindly approve a signature without examining the details thoroughly. A single mistake could lead to a substantial loss.

鑑於這些騙局，加密貨幣用戶應謹慎行事。在點擊任何連結之前，請務必仔細檢查它們。警惕可疑的廣告或電子郵件，切勿在未徹底檢查細節的情況下盲目批准簽名。一個錯誤就可能導致重大損失。

Experts also recommend using tools to verify links and transactions. Additionally, robust security software can assist in detecting scams. Ultimately, staying alert and vigilant is the best way to safeguard your crypto funds.

專家也建議使用工具來驗證連結和交易。此外，強大的安全軟體可以幫助偵測詐騙。最終，保持警惕是保護您的加密貨幣資金的最佳方法。