Share
Security Research
October Scam Landscape in Review
November 9, 2023
•
Forta is the largest network of security intel in Web3. The decentralized Forta Network leverages machine learning to detect exploits, scams and other threats.
Forta’s Scam Detector is the leading source of Web3 threat intelligence for scams and malicious on-chain behavior. Each month, the Scam Detector flags tens of thousands of EOAs that are engaging in or associated with scams. Last month, the Scam Detector fired 40,227 times on 37,586 unique addresses. A silent killer of Web3 adoption, scams steal millions from users each month, and billions per year. But putting a stop to scams is now possible thanks to threat intelligence offerings like Forta’s Scam Detector.
Scam Category Breakdown
As stated above, Forta detected 40,227 unique instances of scam activity in October. This is a 15% increase over the recorded scams in September, totalling 35,094 instances. It is important to note that while these metrics represent the real-world scam landscape to a certain degree, some month-to-month changes may also be attributed to improvements in detection logic.
CategorySeptemberOctoberPercent ChangeRAKE-TOKEN3,83612,398223.20%ICE-PHISHING3,4403,277-4.74%NATIVE-ICE-PHISHING322673109.01%ADDRESS-POISONER16420525.00%SCAMMER-ASSOCIATION1,0253,201212.29%SOFT-RUG-PULL19,99315,735-21.30%FRAUDULENT-NFT-ORDER31220-93.59%IMPERSONATING-TOKEN01100%HARD-RUG-PULL272254-6.62%SOCIAL-ENG-NATIVE-ICE-PHISHING20631753.88%SCAMMER-DEPLOYED-CONTRACT5,0593,887-23.17%WASH-TRADE4831-35.42%PIG-BUTCHERING6941-40.58%GAS-MINTING6833.33%SLEEP-MINTING01100%
While most scams saw a substantial decrease in prominence, rake token scams and ice phishing schemes saw a triple digit percentage increase, 223% and 109% respectively. Despite seeing a 21% decrease, soft rug pulls remain the most common detected scam totalling 15,735 in October and accounting for 39% of all scams detected during the month.
Precision, Recall, and Performance
The continuous evolution of threat detection within the Web3 space is embodied by Forta’s Scam Detector's marked progress in precision, which has seen a statistically significant increase from 88.44% to 95.40% from September to October. This leap in precision underscores a significant enhancement in the Network's ability to accurately identify and flag fraudulent activities.
The adjustments made to these systems were not made in isolation. The sample size for threat detection remained virtually consistent between the two months, with 1,082 instances in September and 1,088 in October, ensuring that the improvements in precision were not a result of diminished sample variability but rather enhanced algorithmic accuracy. Additionally, the strategic decision to continue the operation of bots in production while updating the Json file, rather than disabling them, maintained the integrity and continuity of the threat detection process.
When it comes to recall, the figures remained relatively stable and statistically insignificant —57% in September and slightly reduced to 52% in October. This minor fluctuation indicates that while precision has improved, the ability to capture all actual instances of scams remains challenged by sophisticated scam operations that evade detection, such as those utilizing vendor services or engaging in rug pulls. To this end, Forta’s ongoing collaboration with Nethermind and community bot developers to refine detection logic is an integral part of their commitment to improving overall system performance.
In a decentralized landscape where trust and security are paramount, the advancement of Forta’s detection capabilities serves as a cornerstone for safer Web3 operations. The relentless focus on fine-tuning the Scam Detector's accuracy and recall rates is not simply about keeping pace with the adversaries but about establishing a proactive stance against the threats that undermine the integrity of the digital economy.
Forta Threat Intelligence in the Wild
On October 15th, Twitter/X user Cryon posted a thread describing how Forta’s MetaMask Snap had saved him from a scam that would have drained his wallet for $10,000+. The scammer used an airdrop phishing scheme to lure in the unsuspecting user who only discovered the scam upon the signature screening.
Also in October, REKT founder Julien Bouteloup was scammed for $100k in a similar airdrop scheme that Forta had previously detected. Alongside Julian, Forta’s Scam Detector alerted on many other high profile scams before exploitation that would have saved users millions of dollars.
The Scam Detector powers the Forta’s MetaMask Snap, all Web3 users can download the Snap for free of charge here. Forta’s Scam Detector alerts on 15+ threat types and several top security projects already leverage Forta threat intelligence to power their offerings including Blowfish and many more yet to be announced.
Subscribe to Forta’s News
Stay updated on the latest Forta news and announcements.