---
title: "Uniswap Phishing Scam Through Google Ads Steals $400K"
date: 2026-05-26
author: "Sofia Ramirez"
featured_image: "https://sqmagazine.co.uk/wp-content/uploads/2026/05/fake-google-ads-phishing-scam-targets-uniswap.jpg"
categories:
  - name: "Cybersecurity"
    url: "/cybersecurity.md"
tags:
  - name: "News"
    url: "/tag/news.md"
---

# Uniswap Phishing Scam Through Google Ads Steals $400K

Uniswap phishing scam through fake Google ads has reportedly stolen more than $400,000 from crypto users by tricking them into connecting wallets to cloned websites.

## Quick Summary – TLDR:

- Fake Google ads impersonating Uniswap were used to steal crypto funds from users.
- Attackers reportedly collected at least $400,000 through phishing websites.
- Security researchers warned that these scams are becoming more common across crypto platforms.
- Security Alliance said similar phishing campaigns stole $1.27 million within weeks earlier this year.

## What Happened?

A large phishing campaign targeting crypto users through fake Google advertisements has reportedly stolen more than **$400,000** by impersonating decentralized exchange protocol **[Uniswap](https://sqmagazine.co.uk/uniswap-statistics/)**. Security researchers and blockchain analysts said the attackers used sponsored Google search ads to place malicious links above legitimate search results, tricking users into visiting cloned websites.

The scam was first highlighted by on chain analyst “b block,” who discovered wallet addresses connected to the operation. The addresses reportedly held around **146 ETH**, valued at roughly **$306,000** at the time of reporting, while the total amount stolen from victims was estimated to exceed **$400,000**.

> Community alert:  
>   
> A website impersonating Uniswap is draining funds from multiple wallets.  
>   
> The scammers are currently holding at least ~$400,000.  
>   
> 0x37925684BA178821b4436E06e67f5dBD6cfA49Bb  
> 0x2fC25F46cC49D226eF92E9A7665f3d2821F3c5E2  
>   
> Please only use official links, and… [pic.twitter.com/JikqftTVHY](https://t.co/JikqftTVHY)
> 
> — b-block (@b\_block\_oficial) [May 25, 2026](https://twitter.com/b_block_oficial/status/2058874189164040664?ref_src=twsrc%5Etfw)

 ## Fake Google Ads Continue Targeting Crypto Users

The [phishing operation](https://sqmagazine.co.uk/phishing-and-wallet-drainer-incidents-statistics/) reportedly relied on paid Google advertisements that closely resembled official Uniswap links. Once users clicked the sponsored result, they were redirected to fake websites designed to look nearly identical to the real platform.

According to **Stacy Muur**, founder of Web3 marketing agency Green Dots, the fake ads appeared prominently in [Google Search results](https://sqmagazine.co.uk/google-search-statistics/), often ranking above legitimate crypto websites. She criticized Google for failing to stop these attacks despite years of similar incidents affecting crypto users.

> Two scammers have already stolen ~$400,000 from users through a phishing [@Uniswap](https://twitter.com/Uniswap?ref_src=twsrc%5Etfw) ad on Google.  
>   
> It’s insane that Google has ignored this issue for years while fake links keep getting pushed above real ones and users keep getting drained.  
>   
> This is the first result that popped out… <https://t.co/Ov488s9DIl> [pic.twitter.com/qStRGq8qTE](https://t.co/qStRGq8qTE)
> 
> — Stacy Muur (@stacy\_muur) [May 25, 2026](https://twitter.com/stacy_muur/status/2058889644935442468?ref_src=twsrc%5Etfw)

 Security experts explained that the cloned websites trick victims into connecting their crypto wallets and approving malicious transactions. After approval is granted, attackers can gain access to funds directly without needing private keys.

## Security Groups Warn About Growing Phishing Threat

Blockchain security organizations say these attacks are becoming increasingly sophisticated. Decentralized finance analytics platform **DeFiLlama** described fake [Google ads](https://sqmagazine.co.uk/google-ads-statistics/) as one of the most common sources of phishing attacks in crypto.

The **Security Alliance**, also known as SEAL, previously warned that phishing activity connected to Google Search ads saw a “**significant uptick**” earlier this year. According to the group, attackers either buy advertisements directly through Google Ads or compromise legitimate advertiser accounts to spread malicious links.

SEAL said threat actors aggressively outbid legitimate crypto companies so their phishing websites appear at the top of sponsored search results. The organization also revealed that it blocked more than **356 malicious ad links** over the past year, showing how widespread the campaign has become.

Researchers added that many phishing pages now use advanced techniques to avoid detection. Attackers reportedly use hidden iframes and secondary malicious payloads that remain invisible to Google’s automated systems while displaying legitimate looking URLs to users.

## Millions Lost Through Similar Crypto Scams

The Uniswap phishing campaign is not an isolated case. SEAL reported that phishing attacks connected to malicious Google advertisements resulted in approximately **$1.27 million** in losses between March 13 and March 30 alone.

Earlier reports from blockchain security platform **Scam Sniffer** also highlighted a similar incident where a decentralized finance user lost more than **$1.23 million** worth of Uniswap NFTs after interacting with a fake website promoted through Google Ads.

According to Scam Sniffer, the attackers used a cloned Uniswap interface and tricked the victim into signing a malicious transaction that approved unlimited asset transfers through a harmful smart contract.

Security firms have also warned about the growing use of cloned interfaces and deceptive domains that appear almost identical to legitimate crypto platforms. In many cases, users may not realize they are interacting with a fake site until their wallets have already been drained.

## Why These Attacks Keep Working?

Experts say phishing attacks continue succeeding because many users trust sponsored search results without verifying website authenticity. Attackers take advantage of this trust by creating professional looking websites and advertisements that closely mimic legitimate crypto brands.

The high trading activity around major decentralized finance platforms like Uniswap also creates opportunities for scammers to target active crypto users searching for quick access to exchanges and trading tools.

Security researchers recommend users avoid clicking sponsored crypto links on search engines and instead access platforms directly through bookmarked official websites.

## SQ Magazine Takeaway

I think this story highlights one of the biggest ongoing failures in [online advertising](https://sqmagazine.co.uk/internet-advertising-transforms-online-games/) security. Crypto phishing scams through Google ads are not new, yet they continue appearing at the top of search results where users naturally assume links are safe. What makes this situation worse is how convincing these fake websites have become. Even experienced crypto users can fall into the trap if they are not paying close attention. The crypto industry keeps pushing for mainstream adoption, but attacks like this continue damaging trust and exposing major weaknesses in how online ads are monitored.