User Authorization Becomes New Attack Vector
Recent monitoring reveals that a growing number of users have lost assets after clicking on fake ads on search engines. Attackers purchase keyword ads to promote counterfeit websites that closely mimic the real platform's interface. Users are tricked into connecting wallets and authorizing transactions. Once the signature is confirmed, funds are swiftly drained.
Sophisticated Fake Websites Are Highly Deceptive
A user shared on social media that they mistakenly clicked a top-positioned fake search result, losing crypto assets worth hundreds of thousands of dollars. The counterfeit page layout is nearly identical to the genuine site, with only slight changes in button text or redirect paths, making it difficult for average users to detect.
Security Incidents and Financial Losses Surge
According to a report from security firm CertiK, total losses from crypto-related attacks in January 2026 reached $370.3 million, nearly four times higher than January 2025. A single social engineering attack alone accounted for $284 million in losses. A total of 40 major security events were recorded during the month.
Risk Focus Shifts from Protocol Level to User Behavior
- Phishing links are spreading rapidly, with fake websites mimicking major platforms becoming mainstream
- Fake ads frequently appear on search engines and social media platforms
- User signature authorizations are being abused, highlighting weak security awareness
Experts warn that as the DeFi ecosystem expands, brand cloning and interface spoofing are becoming more prevalent, gradually eroding user trust. The industry must prioritize user education and implement safer interaction mechanisms in the future.