Gemini Gains Approval in Singapore, Targets SE Asia Expansion
The Monetary Authority of Singapore (MAS) has granted Gemini in-principle approval for a Major Payment Institution licence in Singapore.
Typo Squatting Scams: Scammers create fake websites mimicking legitimate ones, exploiting common misspellings like “Soneium” to trick users into revealing sensitive information or draining crypto wallets.
Fake Domains: These fraudulent sites use domain names similar to the official website but with slight variations, misleading users who aren’t paying close attention.
Crypto Theft Risk: Simply landing on these phishing sites can expose users to wallet-draining attacks, making it crucial to verify web addresses carefully before entering personal or financial details.
As the cryptocurrency market grows, so do the risks associated with online searches and transactions.
On October 22 2024, the blockchain security firm announced that its team had found a Google Search for someium that produced a sponsored link to a malicious website, including a wallet drainer. Security firm Scam Sniffer recently warned about a disturbing trend targeting crypto users: typosquatting scams. Misspelling “Soneium,” a popular decentralised finance (DeFi) platform, while searching for it on Google could lead to your crypto wallet being emptied. Scam Sniffer noted, “I searched for Soneium on Google and clicked a phishing ad. Phishing always happens when you’re not paying attention, even if you mistakenly spell soneium as someium.”
Typosquatting, also known as URL hijacking, is a type of cyberattack in which scammers create fraudulent websites using URLs similar to popular, legitimate sites. They rely on users making minor typing errors when entering a web address or searching for a company, such as “Soneium.” For example, a user might mistakenly type “Sonium” or “Soneum” instead of landing on the official site and end up on a malicious website by scammers. Once on the fake website, users may be prompted to enter sensitive information such as their wallet address, private keys, or seed phrases.
Users are sometimes tricked into connecting their crypto wallets to malicious smart contracts, allowing hackers to drain funds instantly. These scam sites can also resemble real ones, making recognising deception at first glance challenging. Scammers exploit this through Google Ads, making fake links appear at the top of search results, even before legitimate ones appear. Users in a hurry or less familiar with the exact URL might unknowingly click the ad and fall prey to the scam. Scam Sniffer provided the alleged phishing link with a different domain suffix from Soneium’s official website. The link led to a primary and incomplete landing page, seemingly for a radiology service based in the UK.
Scam Sniffer’s recent findings highlight the use of typosquatting to target DeFi users, particularly those searching for the Soneium platform. According to their report, misspelling Soneium in a Google search leads to several fake websites being displayed in Google Ads. These sites imitate the DeFi platform, using convincing graphics, design elements, and similar domain names to lure users in. Once on these fraudulent sites, unsuspecting visitors might be asked to connect their crypto wallets or provide sensitive login credentials. The security firm emphasised that these malicious actors often purchase Google Ads to ensure their fake websites appear as the top search results, capitalising on users less likely to notice the subtle difference in the web address.
Scam Sniffer tracked over 50 domains associated with this typosquatting campaign, many designed to mimic popular DeFi platforms like Soneium. The financial losses can be immediate and severe. Scam Sniffer identified multiple cases where crypto users had lost thousands of dollars in Ethereum (ETH) and other digital assets after falling victim to these typosquatting scams. Once users connect their wallets to the fraudulent smart contracts, the scammers can instantly transfer funds, leaving the victims with no recourse.
The dangers of typosquatting are real, but there are several steps you can take to protect yourself and your crypto assets from these types of attacks:
Following these precautions can significantly reduce your chances of falling victim to a typosquatting attack. Awareness is key—understanding how these scams work and staying vigilant when searching for and interacting with crypto platforms can help safeguard your digital assets.
The rise of typosquatting scams targeting crypto users, especially those seeking platforms like Soneium, is a growing concern. Scammers use sophisticated tactics to deceive even experienced crypto traders, often by exploiting simple human errors such as typos in search queries. Fortunately, by taking steps to verify URLs, avoiding suspicious ads, and using proper security tools, users can better protect themselves from falling victim to these traps. As the cryptocurrency landscape evolves, so will cybercriminals’ methods. Staying informed and cautious will protect your digital assets from growing online threats. Always double-check before clicking, and consider adding extra layers of security to your wallet for enhanced protection.
The Monetary Authority of Singapore (MAS) has granted Gemini in-principle approval for a Major Payment Institution licence in Singapore.
The cards combine balances from fiat currencies, stablecoins, and cryptocurrencies stored in custody accounts.
Keeping detailed records of your crypto transactions and reporting them accurately is crucial to avoid paying tax penalties.
It's essential to understand assets and technologies involved and to be aware of the risks before diving into the world of crypto trading.