Shortly after Aave, the decentralized liquidity protocol, announced it had surpassed $60 billion in net deposits, scammers launched a phishing campaign targeting its users via Google Ads, according to cybersecurity researchers.
On Wednesday, Aave revealed it had become the first decentralized finance (DeFi) protocol to reach $60 billion in net deposits across 14 networks. Data from Token Terminal shows that Aave’s net deposits have more than tripled over the past year, climbing from approximately $18 billion in August 2024.
Just a day later, on Thursday, blockchain security firm PeckShield warned the crypto community of an active phishing attack aimed at Aave investors. The scammers reportedly used Google Ads to promote malicious links mimicking legitimate Aave investment platforms.
Phishing scam spreads via ads
Once an unsuspecting crypto investor clicks the links, the website will prompt them to link their crypto wallets to its services.
Connecting a wallet to the phishing site gives scammers access to the funds stored within, allowing them to transfer assets without the user’s consent. These transactions are typically irreversible and can lead to permanent loss of funds.
Although the extent of losses from the ongoing attack has yet to be confirmed, the phishing campaign poses a significant threat due to its wide reach through Google Ads.
How to Protect Your Funds from Phishing Scams
Phishing scams deceive users into disclosing sensitive information—such as private keys, seed phrases, or login credentials—by mimicking trusted platforms or services.
To stay safe, investors should always verify website URLs before interacting with them, especially when depositing funds or connecting wallets. If a wallet is compromised, immediate action is crucial to limit potential losses.
Users should promptly transfer any remaining assets from the affected wallet to a secure one. It’s also important to contact the relevant service provider through official support channels and revoke any wallet permissions using tools like Revoke.cash.
Once compromised, a wallet should never be used again for storing or depositing funds, as scammers often continue to monitor these wallets for future activity. Additionally, users should disconnect their wallets from any phishing websites to prevent further risk.
