Kaspersky has detected new fraudulent websites targeting Ethereum users with false promises of crypto transaction fee (also known as gas fee) refunds.
These fraudulent platforms trick users into sharing sensitive information, such as private keys, wallet credentials, or personal data, leading to theft of funds and identities.
As Ethereum transaction volumes increase, so do the associated gas fees, creating an opportunity for cybercriminals to prey on users seeking cost relief.
Gas fees are the costs associated with processing transactions or executing smart contracts on the Ethereum blockchain. These fees, paid in Ethereum’s native cryptocurrency (ETH), compensate miners or validators for the computational resources required to maintain the network’s security and efficiency.
The word “gas” is used because transaction fees measure the computational work required to process transactions or smart contracts, like fuel powering a vehicle.
Fraudsters send phishing emails inviting crypto users to claim compensation for their transaction fees. When users click on the link in the email, they are directed to websites set up by the attackers. Users are prompted to connect their wallets to get the refund. Afterwards the scammers use the wallet credentials to drain funds. Kaspersky has identified dozens of fraudulent websites.
Fraudulent websites may also misuse WalletConnect, an open-source protocol that allows users to securely connect their cryptocurrency wallets to third-party applications (dApps) via QR codes for seamless interaction with blockchain services.
Users are prompted to connect their wallets under the guise of gas fee compensation, tricking them into approving malicious transactions that drain funds or expose sensitive information.
“Crypto scams are particularly appealing to nefarious agents who exploit the rapid conversion of cryptocurrency to fiat money, leveraging ready-to-use third-party transaction applications and obfuscation techniques to mask their activities,” says Olga Altukhova, senior web content analyst at Kaspersky. “These fraudsters capitalise on the trust users place in protocols like WalletConnect, deceiving them into connecting wallets or sharing sensitive data under false pretenses.
“The decentralised nature of blockchain, while revolutionary, provides fertile ground for such scams, making vigilance and robust security measures essential for users.”