Loading prices…
🩸BEARISH

Scammers steal $400K via fake Uniswap Google ads

The loss number is modest, but the attack vector — paid Google Search ads spoofing a top DEX's domain — has become the default phishing lane for crypto users and is widening.

On-chain analyst b-block warned that fake Google ads impersonating Uniswap have stolen at least $400,000 from users clicking through to spoofed versions of the protocol's site. Stacy Muur, founder of Web3 marketing agency Green Dots, confirmed the fund flow, with victims approving wallet transactions on lookalike domains that rank above the real Uniswap interface in Google Search results.

Why it matters

Security Alliance (SEAL) previously flagged that Google Search phishing campaigns have risen sharply since March, with attackers buying sponsored slots and at times compromising legitimate ad accounts to impersonate popular crypto protocols. Paid placements sit above organic results and carry Google's brand-trust halo, which is exactly what the phishing flow needs: a user types "Uniswap" into the search bar, sees a sponsored link that looks correct, and approves a wallet drain to a contract they never read.

Market impact

The $400K figure is small relative to the DEX's daily volume, but the attack pattern is the story — every top DeFi protocol is now a target the same way, and the channel (Google's own ad inventory) is outside the protocol's control. The mitigations live on the user side: hardware wallets, bookmarked URLs, and transaction-level allowance revocation. Watch for whether Google tightens crypto ad KYC after another round of these incidents, and whether the protocols themselves begin buying defensive ad slots on their own brand terms to push phishing results further down the page.

Related tokens
$UNI

Frequently asked questions

  1. How are the fake Uniswap Google ads stealing funds?

    Users search for "Uniswap," click a sponsored ad that mimics the protocol's site, and approve wallet transactions on a lookalike domain — the transaction drains their wallet to the attacker's contract.

  2. How much has been stolen so far?

    On-chain analyst b-block puts the total at at least $400,000, with Green Dots founder Stacy Muur confirming the flow of stolen funds through the spoofed sites.

  3. What is Security Alliance (SEAL) saying about the trend?

    SEAL has warned that Google Search phishing campaigns have risen sharply since March, with attackers buying ads or compromising legitimate ad accounts to impersonate popular crypto protocols.

  4. Why do fake Google ads work for crypto phishing?

    Sponsored slots appear above organic results and inherit Google's visual trust cues, so a user typing a brand name sees a convincing fake ranked first and is likelier to click and approve a transaction without checking the URL.

  5. How can users protect themselves from these scams?

    Bookmark the protocol's real URL, use a hardware wallet, read every transaction before signing, and revoke token allowances that are no longer needed through tools designed for that purpose.

Source attribution
Aggregated from WuBlockchain · Verified · Last refreshed 45d ago
Open original →