Soon after decentralized liquidity protocol Aave announced it had surpassed $60 billion in net deposits, scammers launched a phishing campaign targeting its users through Google Ads, according to security researchers.

On Wednesday, Aave said that it had become the first decentralized finance (DeFi) protocol to accumulate $60 billion in net deposits across 14 networks. According to Token Terminal data, Aave’s net deposits have more than tripled in the past year from about $18 billion in August 2024.

A day later, on Thursday, blockchain investigation firm PeckShield alerted the crypto community to an ongoing phishing attack targeting Aave (AAVE) investors. Scammers had posted phishing links to fake Aave investment platforms via the Google Ads service.

Net deposits in Aave across all chains. Source: Token Terminal

Phishing scam spreads via ads

Once an unsuspecting crypto investor clicks the links, the website will prompt them to link their crypto wallets to its services. 

Source: PeckShield

Linking a wallet address to the phishing website will allow the scammers to access and transfer all funds stored in the wallet. Such transactions are often irreversible and may result in permanent loss of funds. 

While losses from the ongoing attack have not been confirmed, the reach of the phishing attempt is high, as it is being propagated through Google Ads services.

Related: Aave proposal to launch centralized lending on Kraken’s Ink moves to next phase

Preventing loss of funds in phishing scams

Phishing scams trick users into revealing sensitive information, such as private keys, seed phrases or login credentials, by impersonating trusted or known services.

Investors are advised to double-check website URLs before interacting, including depositing funds and linking wallets. In case of a compromise, investors should take specific steps to help minimize the damage. 

Crypto investors should immediately attempt to transfer funds from the compromised wallet to a secure one. They must also reach out to their service provider through official channels and revoke any wallet approvals through services like Revoke.cash.

Additionally, compromised wallets should never be reused to store or deposit funds, as scammers would typically monitor the wallets and try to cash out any remaining funds. Users should also try to disconnect their wallets from phishing websites.

Cointelegraph contacted Aave for comment and alerted them to the ongoing phishing attempts.


Magazine: How Ethereum treasury companies could spark ‘DeFi Summer 2.0’