Google still promoting crypto phishing sites warns Binance boss
Binance CEO Changpeng Zhao (CZ) has warned that Google search results are still promoting crypto phishing and scamming websites.
Despite Google’s strict policies on crypto marketing for its ads service, scammers have still been slipping through the cracks over the past few years. At times, scam websites have even been displayed higher than legitimate crypto and blockchain projects.
In an Oct. 27 tweet, CZ warned that when searching CoinMarketCap on Google, phishing sites with an “ad” tag were showing up in front of the actual website.
“This affects users adding smart contract addresses to MetaMask using these phishing sites. We are trying to contact Google for this, and in the meantime alerting users about this through social channels,” he said.
Google displays phishing sites when users search CMC. This affects users adding smart contract addresses to MetaMask using these phishing sites. We are trying to contact Google for this, and in the meantime alerting users about this through social channels. pic.twitter.com/3q4860Jl4H
— CZ Binance (@cz_binance) October 27, 2022CoinMarketCap is one of the most commonly used crypto data aggregators on the market, was acquired by Binance for an undisclosed fee back in April 2020. Given its popularity, a lot of traffic could be directed towards these scam ads.
In some cases, phishing websites can be hard to spot, as they generally use copycat URLs to trick people that aren't paying attention into clicking. For example, one of the websites CZ highlighted was spelled “coinomarketcaap.”
In April this year, blockchain security firm SlowMist uncovered a Terra (LUNC) related phishing scam in which bad actors were using Google Ads to run copycat websites utilizing Achor Protocol and Astroport branding.
According to SlowMist, the promoted websites ranked ahead of the actual sites people were searching for and went on to swipe around $4.31 million worth of LUNC from 52 addresses between April 12. And April 21.
Related: Sneaky fake Google Translate app installs crypto miner on 112,000 PCs
In November 2021, the research arm of cybersecurity firm CheckPoint also published a report warning that around $500,000 was stolen by scammers who used Google Ads to promote phishing sites that mimicked crypto wallet providers MetaMask and Phantom.
Google’s ads service has been a topic of keen interest this week after parent company Alphabet firm highlighted in its Q3 earnings call that spending on search advertising from financial and crypto firms was down quarter over quarter.
“We did see a pullback in spending by some advertisers in certain areas in search ads. For example, in financial services, we saw a pullback in insurance, loan, mortgage, and crypto subcategories,” said Philipp Schindler, chief business officer of Google. The firm appears to have no qualms about accepting ad payments from scammers, however.