Uniswap Phishing Campaign Exposes Weakness in Google Search Ads

A phishing campaign has targeted Uniswap users through fake Google advertisements, resulting in losses of at least $400,000.

The attackers created a cloned Uniswap site that closely resembled the real interface and was listed as the top result in sponsored search results. This placement made it difficult for users to distinguish between the legitimate and fake sites, leading many to unwittingly connect their wallets and authorize transactions on the malicious contract.

This is not an isolated incident, with similar attacks targeting DeFi users through paid search ads. In fact, Security Alliance (SEAL) reported a significant rise in Google Search ad phishing during March, with estimated losses of $1.27 million between March 13 and March 30 alone.

SEAL has emphasized the importance of being cautious when using sponsored search results to access crypto applications. Users are advised to avoid clicking on paid links for DeFi protocols and instead use bookmarked protocol links or verify domains before connecting a wallet.