ScamSniffer：11 月份网络钓鱼诈骗造成 938 万美元损失，影响超过 9,200 人

最大单笔损失为 stETH 661,000 美元。这一切发生在几分钟之内，这表明这些诈骗的速度有多快、有多危险。

Phishing scams caused crypto users to lose $9.38 million in November, according to ScamSniffer. This marks a significant decrease compared to October’s losses of over $20.2 million. However, despite the drop in total losses, the number of victims affected remains concerning.

据 ScamSniffer 称，11 月份网络钓鱼诈骗导致加密货币用户损失 938 万美元。与 10 月份超过 2,020 万美元的损失相比，这标志着显着减少。然而，尽管总损失有所下降，但受影响的受害者人数仍然令人担忧。

Major Crypto Losses Incurred Last Month

上个月发生的重大加密货币损失

Several large losses occurred due to phishing scams in November:

11月份因网络钓鱼诈骗造成了几起重大损失：

The largest single loss was $661,000 in stETH, which was stolen in a matter of minutes.

单笔最大损失是 661,000 美元的 stETH，几分钟之内就被盗。

Another substantial loss of $409,000 in WBTC was reported on the Arbitrum network.

Arbitrum 网络报告称 WBTC 又遭受了 409,000 美元的巨额损失。

Scammers also managed to steal $344,000 in FET through Ethereum’s Uniswap platform.

骗子还通过以太坊的 Uniswap 平台窃取了 344,000 美元的 FET。

Additionally, a direct transfer on the Ethereum network resulted in the loss of $220,000 in USDT.

此外，以太坊网络上的直接转账导致 USDT 损失 22 万美元。

Most of these major losses were incurred through malicious signature requests. These scams typically trick users into approving harmful transactions, which allows scammers to quickly siphon off the funds. According to ScamSniffer, this method serves as the “deadliest weapon” used by attackers.

这些重大损失大部分是由于恶意签名请求造成的。这些骗局通常会诱骗用户批准有害交易，从而使诈骗者能够快速吸走资金。据 ScamSniffer 称，这种方法是攻击者使用的“最致命的武器”。

Total Losses Decreased, but Risks Persist

总损失减少，但风险依然存在

The total losses reported in November are significantly lower than the staggering $20.2 million lost in October. September also saw even higher losses of $45.8 million. However, despite this drop in total losses, the number of victims affected by phishing scams is still alarmingly high.

11 月份报告的总损失明显低于 10 月份高达 2,020 万美元的损失。 9 月份的损失甚至更高，达 4580 万美元。然而，尽管总损失有所下降，但受网络钓鱼诈骗影响的受害者数量仍然高得惊人。

ScamSniffer also observed a shift in phishing techniques. While the Inferno Drainer scam, which plagued the Arbitrum network for several months, has faded, a new attack method called Angel Drainer is now on the rise. This highlights how scammers are continually adapting their tactics to target crypto users.

ScamSniffer 还观察到网络钓鱼技术的变化。虽然困扰 Arbitrum 网络几个月的 Inferno Drainer 骗局已经逐渐消退，但一种名为 Angel Drainer 的新攻击方法现在正在兴起。这凸显了诈骗者如何不断调整其策略来瞄准加密货币用户。

A Broader Perspective on Phishing Scams

对网络钓鱼诈骗的更广泛视角

Phishing attacks have become a major problem in the crypto space. According to CertiK, a blockchain security firm, phishing scams resulted in the loss of $343.1 million in Q3 2023. These losses occurred across 65 separate incidents. During that period, CertiK identified phishing as the most damaging type of attack.

网络钓鱼攻击已成为加密货币领域的一个主要问题。据区块链安全公司 CertiK 称，网络钓鱼诈骗在 2023 年第三季度造成了 3.431 亿美元的损失。这些损失发生在 65 起不同的事件中。在此期间，CertiK 将网络钓鱼视为最具破坏性的攻击类型。

Most victims are lured into these scams through fake accounts on X (formerly Twitter). These accounts typically impersonate well-known figures or crypto projects and direct users to phishing websites. Another common method involves Google ads, where scammers use fake advertisements to trick users into clicking on malicious links. Once on these phishing sites, victims are typically prompted to connect their wallets, which gives the attackers access to their funds.

大多数受害者是通过 X（以前称为 Twitter）上的虚假帐户被引诱进入这些骗局的。这些帐户通常冒充知名人物或加密项目，并将用户引导至网络钓鱼网站。另一种常见的方法涉及谷歌广告，诈骗者使用虚假广告来诱骗用户点击恶意链接。一旦进入这些网络钓鱼网站，受害者通常会被提示连接他们的钱包，这使攻击者能够访问他们的资金。

Understanding Why These Scams Work

了解这些骗局为何有效

The effectiveness of phishing scams largely stems from their ability to appear genuine. Scammers meticulously craft fake websites, advertisements, and emails to deceive users. These traps are designed to gain the trust of victims. Furthermore, many scams utilize malicious signature requests. Victims, thinking they are signing something safe, are actually approving a scam transaction.

网络钓鱼诈骗的有效性很大程度上源于其看似真实的能力。诈骗者精心制作虚假网站、广告和电子邮件来欺骗用户。这些陷阱旨在赢得受害者的信任。此外，许多骗局利用恶意签名请求。受害者认为他们正在签署安全的东西，实际上是在批准诈骗交易。

Even experienced crypto users can fall prey to these tactics. Scammers are known to modify their techniques to evade detection. As a result, phishing scams are among the most challenging threats to combat in the crypto space.

即使是经验丰富的加密货币用户也可能成为这些策略的牺牲品。众所周知，诈骗者会修改他们的技术来逃避检测。因此，网络钓鱼诈骗是加密货币领域最具挑战性的威胁之一。

Tips for Staying Safe from Phishing

防范网络钓鱼的提示

In light of these scams, crypto users are urged to exercise caution. Always double-check any links before clicking on them. Be wary of suspicious advertisements or emails and never blindly approve a signature without examining the details thoroughly. A single mistake could lead to a substantial loss.

鉴于这些骗局，加密货币用户应谨慎行事。在点击任何链接之前，请务必仔细检查它们。警惕可疑的广告或电子邮件，切勿在未彻底检查细节的情况下盲目批准签名。一个错误就可能导致重大损失。

Experts also recommend using tools to verify links and transactions. Additionally, robust security software can assist in detecting scams. Ultimately, staying alert and vigilant is the best way to safeguard your crypto funds.

专家还建议使用工具来验证链接和交易。此外，强大的安全软件可以帮助检测诈骗。最终，保持警惕是保护您的加密货币资金的最佳方法。