Romance scams are labor-intensive and time-consuming schemes to run.
They can be lucrative, pulling in millions in stolen cryptocurrency, but they also can end up going nowhere if the targeted victim becomes suspicious or the bad actor decides there won't be a payoff.
The researchers have seen the use of approval phishing scams skyrocket over the past couple of years, with victims linked to more than 1,000 addresses tracked by Chainalysis having lost about $1 billion since 2021, including $516.8 million last year and $374.6 million through November in 2023.
Romance scams have been around for a while but have caught fire over the past couple of years with the rise of cryptocurrencies.
The FBI said in a report that in 2022, more than 19,000 people reported being victims of confidents or romance scams, with the estimated total losses reaching almost $735.9 million.
If successful, the bad actor convinces the victim to investment a certain amount of crypto into the scheme.
If the victim hands over the investment funds - it can be via cryptocurrency or digital payment platforms - with the expectation it will be invested, the scammer will disappear and become unreachable, usually when they've collected enough money or the victim tries to withdraw fund from the account, according to Trend Micro.
These scams can take a long time of pull off, but romance scammers are increasingly using the approval phishing method, which is faster and gives the threat actor more control over the outcome.
Decentralized apps - or dApps - on blockchains that enable smart contracts, such as Ethereum, require users to assign approval transactions, which give the apps smart contracts permission to move funds that are held by the users address, the researchers wrote.
That said, approval phishers rely of the fact that many crypto users are used to signing approval transactions.
Normally, non-malicious transactions involve the victim address being the initiator.
If the approved spender address can initiate the transaction, it's usually an approval phishing scam, with the bad actor - in control of the approved spend address - executing a transaction to move the fund in a new destination address outside of the victim's reach.
From there the funds are sent to a consolidation address, where the bad actors collect money stolen from multiple victims.
Chainalysis' report shows a blending of the two types of investment scams.
Romance scammers are adopting the approval phishing techniques in their schemes.
The researchers found that the most successful approval phishing addresses in their research likely stole $44.3 million from thousands of addresses, or about 4.4% of the estimated total taken since May 2021.
The 10 largest combined for 15.9% of all the stolen funds, while the 73 biggest accounted for half of the amount stolen.
The adoption of approval phishing is the latest example of romance scammers adopted new technologies and tactics in their campaigns.
Chainalysis' report about romance and approval phishing scams came the same day the Justice Department announced that four men were indicted for laundering millions of dollars of cryptocurrency stolen in pig butchering scams in a case unrelated to Chainalysis' research.
The four opened shell companies and bank accounts that were used to launder the stolen funds, which were transferred to domestic and international financial institutions, according to the DOJ. The syndicate involved in the investment frauds - which involved at least 284 transactions - collected more than $80 million from victim, with more than $20 million being directly deposited into bank accounts associated with the defendants.
This Cyber News was published on securityboulevard.com. Publication date: Fri, 15 Dec 2023 17:13:05 +0000