A sponsored advertisement on Google, which masquerades as a website link for Sony’s blockchain, Soneium, has been flagged as a crypto wallet drainer by Scam Sniffer, a blockchain security firm. In a recent post on October 22, Scam Sniffer revealed that this deceptive ad appeared while searching for 'someium' on Google, directing unsuspecting users to a malicious site designed to extract their cryptocurrency.
The firm highlighted that phishing scams can easily ensnare users, particularly when typos occur, such as incorrectly spelling 'soneium' as 'someium.' Cointelegraph could not validate the search result findings shared by Scam Sniffer. The security firm unveiled that the alleged phishing link utilized a domain suffix distinct from Soneium’s official website, presenting as an incomplete landing page associated with a British radiology service.
Scam Sniffer elucidated that the creators behind this malicious website had utilized specific obscuring techniques to evade detection from Google, complicating the search engine's ability to flag it as malicious. As of now, Google has not responded to inquiries regarding this reported phishing link associated with Soneium.
Soneium functions as an Ethereum layer 2 blockchain, engineered by Sony Block Solutions Labs, a collaborative venture between Sony and blockchain enterprise Startale Labs, which made its testnet debut in August. In another troubling report from earlier this month, Scam Sniffer disclosed that over $46 million in cryptocurrency was stolen from approximately 10,800 victims of phishing scams throughout September alone.
The firm also pointed out that more than $127 million worth of cryptocurrencies were misappropriated from investors during the third quarter of 2024, with Ether (ETH) wallets being particularly susceptible to such phishing attacks. Back in late April, Scam Sniffer revealed that over $4 million had been illicitly extracted in just a few weeks from users who were tricked by harmful phishing websites that were advertised on Google Search.
Scammers effectively secured domain names that closely resembled those of legitimate crypto brands and protocols, strategically altering them in a manner that made it difficult for users to differentiate between the genuine and the malicious links..