Phishing Attacks and Defense Strategies in Bitcoin and Ethereum: A Comparative Review
DOI:
https://doi.org/10.47611/jsrhs.v14i1.8492Keywords:
Blockchain, Bitcoin, Ethereum, PhishingAbstract
Phishing is a serious threat to cryptocurrency networks; Bitcoin and Ethereum are prime targets for these attacks. This paper discusses some aspects of phishing attacks on these platforms. While the simpler architecture of Bitcoin leads to more direct phishing attempts, the more complex ecosystem in Ethereum introduces a wide range of attack vectors through dApps and smart contracts. A comparative analysis of phishing attacks in both blockchains shows that while both have their fair share of attacks, Bitcoin seems to bear the brunt of phishing attacks. Current defense strategies, like 2FA and anti-phishing tools, as well as recommendations for increasing network security against phishing are discussed in this paper. Understanding these phishing mechanisms is crucial in strengthening the security of blockchain platforms and mitigating future attacks.
Downloads
References or Bibliography
Whittaker, C., Ryner, B., & Nazif, M. (2010, February). Large-Scale Automatic Classification of Phishing Pages. In Ndss (Vol. 10, p. 2010).
Khonji, M., Iraqi, Y., & Jones, A. (2013). Phishing detection: a literature survey. IEEE Communications Surveys & Tutorials, 15(4), 2091-2121. https://doi.org/10.1109/SURV.2013.032213.00009
Rekouche, K. (2011). Early phishing. arXiv preprint arXiv:1106.4692.
Weider, D. Y., Nargundkar, S., & Tiruthani, N. (2008, July). A phishing vulnerability analysis of web based systems. In 2008 IEEE Symposium on Computers and Communications (pp. 326-331). IEEE.
Vega, J., Shevchyk, D., & Cheng, Y. (2022). A literature survey of phishing and its countermeasures. In Second Annual Computer Science Conference for CSU Undergraduates.
Jagatic, T. N., Johnson, N. A., Jakobsson, M., & Menczer, F. (2007). Social phishing. Communications of the ACM, 50(10), 94-100.
Andryukhin, A. A. (2019, March). Phishing attacks and preventions in blockchain based projects. In 2019 international conference on engineering technologies and computer science (EnT) (pp. 15-19). IEEE.
Kirby, J. (2020, January 21). The Saudi crown prince reportedly hacked Jeff Bezos. Vox. https://www.vox.com/2020/1/21/21075990/saudi-arabia-crown-pince-mbs-amazon-jeff-bezos
Gordover, M. (2015, March 26). Throwback Hack: The Epsilon Email Breach of 2011 [Review of Throwback Hack: The Epsilon Email Breach of 2011]. Proofpoint. https://www.proofpoint.com/us/blog/insider-threat-management/throwback-hack-epsilon-email-breach-2011
2018 Cryptocurrency Exchanges. User Accounts Leaks Analysis. (2018). Group-Ib.com. https://go.group-ib.com/report-cryptocurrency-exchanges-en?_gl=1’
Sarmah, S. S. (2018). Understanding blockchain technology. Computer Science and Engineering, 8(2), 23-29.
Ismail, L., & Materwala, H. (2019). A review of blockchain architecture and consensus protocols: Use cases, challenges, and solutions. Symmetry, 11(10), 1198. https://doi.org/10.3390/sym11101198
Miakish, N. (2023, April 13). Decoding the Fundamentals of Blockchain Architecture. SumatoSoft. https://sumatosoft.com/blog/decoding-the-fundamentals-of-blockchain-architEcture-a-comprehensive-guide.
Deshpande, V., Badis, H., & George, L. (2022). Efficient topology control of blockchain peer to peer network based on SDN paradigm. Peer-to-Peer Networking and Applications, 15(1), 267-289.
Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. Satoshi Nakamoto.
Hillary, & Scott-Briggs, A. (2024, August 16). Blockchain Architecture: Creating Scalable and Reliable Blockchain Networks. TechBullion. https://techbullion.com/blockchain-architecture-creating-scalable-and-reliable-blockchain-networks/
Cha, J., Singh, S. K., Pan, Y., & Park, J. H. (2020). Blockchain-based cyber threat intelligence system architecture for sustainable computing. Sustainability, 12(16), 6401.
Blockchain and the environment. (2020). European Environment Agency. https://www.eea.europa.eu/publications/blockchain-and-the-environment#additional-files.
Arti Damale. (2024, August 27). Layer-2 Solutions vs. Sharding: Which is the Better Scalability Solution? SDLC Corp. https://sdlccorp.com/post/layer-2-solutions-vs-sharding-which-is-the-better-scalability-solution/
Notomoro. (2024, February 13). 16 Disadvantages of Blockchain: Limitations and Challenges - Webisoft Blog. Webisoft. https://webisoft.com/articles/disadvantages-of-blockchain/
Crosby, M., Pattanayak, P., Verma, S., & Kalyanaraman, V. (2016). Blockchain technology: Beyond bitcoin. Applied innovation, 2(6-10), 71.
Vujičić, D., Jagodić, D., & Ranđić, S. (2018, March). Blockchain technology, bitcoin, and Ethereum: A brief overview. In 2018 17th international symposium infoteh-jahorina (infoteh) (pp. 1-6). IEEE. https://doi.org/10.1109/INFOTEH.2018.8345547
What Is a Bitcoin Wallet? (2024, August 29). Cryptonews.net. https://cryptonews.net/editorial/guides/what-is-a-bitcoin-wallet/
Volety, T., Saini, S., McGhin, T., Liu, C. Z., & Choo, K. K. R. (2019). Cracking Bitcoin wallets: I want what you have in the wallets. Future Generation Computer Systems, 91, 136-143.
Rodeck, D. (2023, May 23). What Is Blockchain? Forbes Advisor. https://www.forbes.com/advisor/investing/cryptocurrency/what-is-blockchain/
Sinkevicius, A. (2022, June 5). How do Bitcoin nodes validate transactions in blockchain? Coinmonks. https://medium.com/coinmonks/how-do-bitcoin-nodes-validate-transactions-in-blockchain-7ec0603a0140
Andoni, M., Robu, V., Flynn, D., Abram, S., Geach, D., Jenkins, D., ... & Peacock, A. (2019). Blockchain technology in the energy sector: A systematic review of challenges and opportunities. Renewable and sustainable energy reviews, 100, 143-174.
Tschorsch, F., & Scheuermann, B. (2016). Bitcoin and beyond: A technical survey on decentralized digital currencies. IEEE Communications Surveys & Tutorials, 18(3), 2084-2123.
Fauzi, M. A., Paiman, N., & Othman, Z. (2020). Bitcoin and cryptocurrency: Challenges, opportunities and future works. The Journal of Asian Finance, Economics and Business, 7(8), 695-704.
Bariviera, A. F., Basgall, M. J., Hasperué, W., & Naiouf, M. (2017). Some stylized facts of the Bitcoin market. Physica A: Statistical Mechanics and its Applications, 484, 82-90.
Biggs, N. A., Hoa Nguyen and John. (2022, Aug 5). Why Use Bitcoin? Www.coindesk.com. https://www.coindesk.com/learn/why-use-bitcoin/
Buterin, V. (2014). A next-generation smart contract and decentralized application platform. white paper, 3(37), 2-1.
Buterin, V. (2016). Ethereum: platform review. Opportunities and challenges for private and consortium blockchains, 45, 1-45.
Lee, B. J. P., & Product, C. P. M. K. D. D. of D. A. (n.d.). Smart Contract and Ethereum Explained: FAQ | VanEck. Smart Contract and Ethereum Explained: FAQ | VanEck. https://www.vaneck.com/us/en/blogs/digital-assets/smart-contract-and-ethereum-explained-faq/
Ethereum, in. (2018, February 17). Signing and Verifying Messages in Ethereum. Programtheblockchain.com. https://programtheblockchain.com/posts/2018/02/17/signing-and-verifying-messages-in-ethereum/
An overview of how smart contracts work on Ethereum | QuickNode. (2024, Sept. 17). Www.quicknode.com. https://www.quicknode.com/guides/ethereum-development/smart-contracts/an-overview-of-how-smart-contracts-work-on-ethereum
Nguyen, C. T., Hoang, D. T., Nguyen, D. N., Niyato, D., Nguyen, H. T., & Dutkiewicz, E. (2019). Proof-of-stake consensus mechanisms for future blockchain networks: fundamentals, applications and opportunities. IEEE access, 7, 85727-85745. https://doi.org/10.1109/ACCESS.2019.2925010
King, S., & Nadal, S. (2012). Ppcoin: Peer-to-peer crypto-currency with proof-of-stake. self-published paper, August, 19(1).
What is a smart contract, and how does it work? (2024, August 28). Cointelegraph. https://cointelegraph.com/learn/what-are-smart-contracts-a-beginners-guide-to-automated-agreements
VanEck. (2024, June 4). The Investment Case For Ethereum In 2024. Seeking Alpha. https://seekingalpha.com/article/4697303-ethereum-investment-case-2024
Chainalysis. (2021). The Chainalysis 2021 crypto crime report. Go.chainalysis.com. https://go.chainalysis.com/2021-Crypto-Crime-Report.html
Kaspersky Security Bulletin 2021. Statistics. (2021). https://go.kaspersky.com/rs/802-IJN-240/images/KSB_statistics_2021_eng.pdf
Message by LEDGER’s CEO - Update on the July data breach. Despite the leak, your crypto assets are safe. (2020, December 21). Ledger. https://www.ledger.com/message-ledgers-ceo-data-leak
Stu Sjouwerman. (2015, September 19). BitPay loses 1.8 Million In Phishing Attack. Knowbe4.com; KnowBe4, Inc. https://blog.knowbe4.com/bitpay-loses-1.8-million-in-phishing-attack
Harney, A., & Stecklow, S. (2017, November 17). Special Report: Twice burned - How Mt. Gox’s bitcoin customers could lose again Reuters. https://www.reuters.com/article/technology/special-report-twice-burned-how-mt-goxs-bitcoin-customers-could-lose-again-idUSKBN1DG1UA/
APWG (2022). Phishing Activity Trends Report, 3rd Quarter 2022. APWG. https://docs.apwg.org/reports/apwg_trends_report_q3_2022.pdf#:~:text=Phishing%20Activity%20Trends%20Report,%203rd%20Quarter%202022%20APWG%20member%20Agari
Cryptocurrency crime and anti-money laundering REPORT. (2022). https://info.ciphertrace.com/hubfs/CAML%20Reports/CipherTrace%20Cryptocurrency%20Crime%20and%20Anti-Money%20Laundering%20Report%2c%20October%202022.pdf
Check Point Research Team. (2021, November 4). Scammers used Google Ads to Steal ~ $500k Worth of Cryptocurrency https://blog.checkpoint.com/security/scammers-used-google-ads-to-steal-500k-worth-of-cryptocurrency/
Cointelegraph. (2024, April 2). History of Crypto: The ICO Boom and Ethereum’s Evolution. Cointelegraph. https://cointelegraph.com/news/ethereum-ico-boom-history-crypto
Cryptocurrency Crime and Anti-Money Laundering Report, Spring 2020. (2020). Docslib. https://docslib.org/doc/7189012/cryptocurrency-crime-and-anti-money-laundering-report-spring-2020.
How and Why are MetaMask Users Losing their Funds due to Phishing Incidents? | Consensys. (2022). Consensys. https://consensys.io/blog/how-and-why-are-metamask-users-losing-their-funds-due-to-phishing-incidents
Floyd, D. (2018, April 24). $150K Stolen From MyEtherWallet Users in DNS Server Hijacking. Yahoo Finance; Yahoo Finance. https://finance.yahoo.com/news/150k-stolen-myetherwallet-users-dns-163521584.html
Team, C. (2020, July 22). The Twitter Hack: What We Know One Week Later - Chainalysis. Chainalysis. https://www.chainalysis.com/blog/twitter-hack-july-2020-update/
Cryptocurrency Crime and Anti-Money Laundering Report CipherTrace Cryptocurrency Intelligence. (2021). https://info.ciphertrace.com/hubfs/CAML%20Reports/CipherTrace%20Cryptocurrency%20Crime%20and%20Anti-Money%20Laundering%20Report%20-%20May%202021.pdf
Fletcher, E. (2022, June 3). Reports show scammers cashing in on crypto craze. Federal Trade Commission. https://www.ftc.gov/news-events/data-visualizations/data-spotlight/2022/06/reports-show-scammers-cashing-crypto-craze
The 2021 Crypto Crime Report Everything you need to know about ransomware, darknet markets, and more. (2021). https://go.chainalysis.com/rs/503-FAP-074/images/Chainalysis-Crypto-Crime-2021.pdf
Rosencrance, L. (2021, July). What is two-factor authentication (2FA) and how does it work? TechTarget. https://www.techtarget.com/searchsecurity/definition/two-factor-authentication
Young, M. (2021, May 3). MetaMask warns of new phishing bot. Cointelegraph. https://cointelegraph.com/news/metamask-warns-of-new-phishing-bot
Rosenthal, M. (2022, January 12). Must-Know Phishing Statistics: Updated 2020. Tessian; Tessian. https://www.tessian.com/blog/phishing-statistics-2020/
Published
How to Cite
Issue
Section
Copyright (c) 2025 Neil Soman
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Copyright holder(s) granted JSR a perpetual, non-exclusive license to distriute & display this article.
