An unsuspecting cryptocurrency holder recently fell prey to a devastating phishing scam, losing a staggering $4.46 million in Tether (USDT) tokens. The incident unfolded as the funds were first withdrawn from a Kraken crypto exchange wallet before ending up in an address believed to be controlled by a scammer.

Scammers’ Techniques Unveiled

Blockchain security firm PeckShield identified the recipient address, concluding it belonged to a phishing scammer. Another platform, Scam Sniffer, connected the transferred funds to a “fake Coinone crypto mining exchange.” This ongoing threat has reportedly victimized as many as 21,953 individuals, with scammers absconding with a total of approximately $337.1 million in USDT.

Understanding the Scam

Global Anti-Scam Organization (GASO) shed light on the typical approach employed in these scams, where victims unknowingly authorize unlimited withdrawals from their cryptocurrency wallets. Scammers employ deceptive tactics, convincing users to participate in a “fake mining pool” by clicking a button that requests a seemingly reasonable $10 to $50 network fee in Ether (ETH). However, this fee is merely a ruse to obtain the victim’s digitally signed authorization, granting unrestricted access to their wallet via the USDT smart contract.

@tayvano’s Dune Analytics dashboard o nUSDT Apparovl Scams. Source: Dune Analytics.

In a cautionary tale, this incident serves as a stark reminder for cryptocurrency enthusiasts to remain vigilant and exercise caution when interacting with their digital assets.