What Are IPFS Phishing Attacks and How Do You Avoid Them?
Phishing techniques have continued to evolve, especially with the introduction of new, cutting-edge technologies. Although the InterPlanetary File System (IPFS) offers many benefits, it also allows cybercriminals to conduct malicious campaigns.These attacks have become even more prominent as many file storage, web hosting, and cloud services now utilize IPFS. So what are IPFS phishing attacks, and how can you avoid them?
What Are IPFS Phishing Attacks?
IPFS replaces the Hypertext Transfer Protocol (HTTP) and Hypertext Transfer Protocol Secure (HTTPS) as a way to distribute the World Wide Web. Unlike its predecessors, which are location-based,IPFS is a distributed file system. Instead of the traditional centralized client-server method, IPFS uses peer-to-peer (P2P) data networks located worldwide without requiring third parties or centralized authorities.
Because of IPFS’s decentralized nature, malicious actors are increasingly using P2P data sites to deceive unsuspecting individuals into exposing sensitive information or installing malware. These criminals leverage the IPFS network tohost their phishing kit infrastructure, as they can easily camouflage their activities.
Moreover, any malicious data uploaded onto one of the connected networks (or node) can be distributed to other nodes. Also, these malicious files can only be deleted by their owners.
Hence, IPFS phishing content can be easily distributed, is more difficult to detect, and is persistent.
Types of IPFS Phishing Attacks
Image Credit: Tumisu/Pixabay
IPFSphishing attackscould target specific individuals instead of several random users. However, mass IPFS phishing campaigns are more common.
To facilitate their attacks, these malicious actors employ one of the following methods:
An Example of IPFS Phishing Attacks
In July 2022, malicious actors distributed a fake token disguised as the Uniswap (UNI) token to over 70,000 Uniswap Liquidity Providers (LPs) wallet addresses. These hackers embedded a code in the malicious token’ssmart contract, enabling their fake site to take on Uniswap’s branding.
Their message claimed they would give LPs more UNI tokens based on the number of fake tokens they had already received. However, LPs who interacted with the message only permitted the malicious smart contract to transfer their assets. This led to a loss of over 7,500 ETH.
How Do IPFS Phishing Attacks Work?
IPFS phishing attackers capitalize on reputable websites, applications, or data to deceive unsuspecting people.
First, they create a fake site or app that resembles the legitimate version. Then, they host this fake platform on the IPFS network.
Although IPFS is majorly available through P2P networks, several public IPFS gateways—like ipfs.io or dweb.link—enable traditional web users to access IPFS. These scammers use these gateways as proxies, so you can access files on the IPFS network even though you aren’t running an IPFS client.
After creating fake sites and hosting them on gateways, phishing attackers lure you into accessing their fake platforms. They may send you a mail, a text message, a DM, or message you in an application, such as a game or productivity app.
For instance, a phishing attacker can send you a PDF said to be related toDocuSign, the document signing service. When you click the “Review Document” button, it might look like you’re on a Microsoft authentication page. However, you’ll be on a fake site hosted on IPFS. If you insert your email address or password, the attacker will collect your details and likely use them for further attacks.
These attackers can use any subject line or file format as long as it can get you to click their malicious links.
3 Common Signs of IPFS Phishing Attacks
To avoid IPFS phishing attacks, you must recognize how they appear. Here are three common signs of these malicious attacks:
1. Unsolicited Messages or DMs
Phishing attackers mostly send text messages, emails, or DMs that prompt you to click a link, usually out of nowhere. They can request tax payments, authentications, account updates, clarifications, or other similar requests and commands that seem unwarranted.
These messages are typically generic and will likely not speak specifically to you. Sometimes, IPFS phishing attackers ask you to act fast so you don’t lose something or get into trouble.
Additionally, these scammers sometimes pose as legitimate platforms. They’ll send instructions—many times, out of the blue. But most companies will never ask for your sensitive details unprovoked over emails, texts, or DMs.
2. Suspicious URLs or SSL Certificates
Although it is best to avoid clicking links in emails, texts, or DMs, if you do click, you may notice that the URLs do not match that of the legitimate site. Thesite’s SSL certificatemay also be invalid or different from the original site’s.
3. Malicious IPFS Gateways
If you notice “IPFS” or “CID” in a link and the site you’re trying to visit is not hosted on IPFS, it is likely asign of a phishing attack. These identifiers could be at the beginning or end of the URL.
Pages hosted on IPFS have URLs that look this way: “https:///ipfs/” CID is the resource’s content identifier. Instead of CID, you may find IPNS ID or DNSLINK, which are also paths to the resource. Instead of these paths to resource, you may also find a 46-character random string.
However, if you’re supposed to be on the IPFS network, it’s possible to check the gateway used in the URL to determine if it’s malicious or safe.
10 Tips to Stay Safe With IPFS
You need to adjust your defenses to keep up with the advancement of phishing attacks. Apply the following tips to avoid IPFS phishing attacks.
Stay Vigilant to Stop IPFS Phishing Attacks
Bad actors continue to invent new ways to execute phishing attacks. They’ve begun employing the IPFS network to deceive and scam.
However, anti-spam methods and other solutions can curb these phishing attempts. So stay aware of the latest technological advancements and cyber threats to remain safe.
Software-as-a-Service has changed how businesses operate, but that comes with a lot of cybersecurity risks too.
You’ve been quoting these famous films wrong all along!
I found my TV was always listening—so I shut it down.
Don’t let aging hardware force you into buying expensive upgrades.
The fix was buried in one tiny toggle.
One casual AI chat exposed how vulnerable I was.
