The human and financial cost of this campaign is severe and well-documented. According to on-chain analysts, the specific fake Google Ad campaign impersonating Uniswap has siphoned at least $400,000 from victims as of May 2026. This figure, however, only captures a fraction of the damage these techniques have caused over time. A single DeFi user lost $1.23 million in Uniswap V3 position NFTs in July 2025 after signing a malicious transaction on an identical phishing site promoted through Google Ads.
In February 2026, a Polymarket trader known as @ika_xbt publicly stated that he had lost his entire "mid-six-figure" net worth in one transaction after clicking a sponsored result that mimicked the Uniswap app. His case sparked a public warning from Uniswap's founder, Hayden Adams, who decried the platform's inability to stop the fraudulent ads despite years of community reporting. The broader context is equally alarming: in January 2026 alone, crypto theft from phishing and social engineering attacks soared to $370.3 million across 40 separate incidents, according to data from CertiK, marking the highest monthly total in nearly a year.
The sophistication of these scams means that the traditional advice of "just be careful" is insufficient. A layered, proactive defense is required, focusing on preventing the initial click and limiting the damage if a mistake is made.
1. Eradicate the click risk entirely. The single most effective measure is to never click on sponsored search results for any crypto platform. Instead, bookmark the official URL, app.uniswap.org, and navigate there directly. Do not trust that a Google Ad, even one appearing legitimate, has been vetted.
2. Scrutinize the URL with paranoia. Before connecting a wallet, look at the URL in the address bar with extreme care. Don’t just confirm that it “looks right”; look for the subtle homograph substitutions that Punycode attacks exploit. Practice hovering over links and comparing the displayed text to the actual browser destination.
3. Build a wallet security stack. A hardware wallet adds a crucial layer of defense because it requires you to physically verify and approve transaction details on a separate device. Supplement this with a browser extension purpose-built for crypto security. Tools like Pocket Universe, Wallet Guard, and Scam Sniffer can simulate a transaction's outcome and flag known malicious contracts before you sign, effectively blocking the attack even if you land on a clone site.
4. Limit exposure by revoking approvals. Every "approve" transaction you sign is a permanent permission slip for a smart contract to access your tokens. Over time, a wallet accumulates dozens of these stale approvals, creating a massive attack surface. Use a dedicated tool like Revoke.cash or Etherscan's token approval checker to routinely audit and revoke permissions you no longer need. This simple hygiene practice ensures that even if you make an error, a malicious contract's ability to drain your assets is severely limited.
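The URL check in step 2 can be partly automated before a wallet is ever connected. The following Python is an added example, not code from the original article: it compares a URL's host against the official host `app.uniswap.org` named above, decodes Punycode labels, and flags mixed scripts. The function names and the lookalike table (a small constructed sample, not the full Unicode confusables data) are assumptions made for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

OFFICIAL_HOST = "app.uniswap.org"  # official URL named in the article

# Constructed sample: Cyrillic letters that render like Latin a e i o p c s x y.
# A production check would use the full Unicode confusables data instead.
LOOKALIKES = str.maketrans(
    "\u0430\u0435\u0456\u043e\u0440\u0441\u0455\u0445\u0443", "aeiopcsxy"
)


def decode_label(label):
    """Return the Unicode form of one DNS label, decoding Punycode if present."""
    if label.startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # malformed Punycode: keep raw label, still flagged
    return label


def check_host(url):
    """Return (status, findings); status is 'official', 'homograph' or 'other'."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    if host == OFFICIAL_HOST:
        return "official", []
    findings = []
    labels = host.split(".")
    if any(lab.startswith("xn--") for lab in labels):
        findings.append("punycode-encoded label")
    shown = ".".join(decode_label(lab) for lab in labels)
    # First word of a character's Unicode name is its script (LATIN, CYRILLIC).
    scripts = {unicodedata.name(c, "?").split()[0] for c in shown if c.isalpha()}
    if len(scripts) > 1:
        findings.append("mixed scripts: " + ", ".join(sorted(scripts)))
    # Fold known lookalikes to ASCII and compare with the bookmarked host.
    if shown.translate(LOOKALIKES) == OFFICIAL_HOST:
        return "homograph", findings
    return "other", findings


if __name__ == "__main__":
    # Constructed samples: the real host and a clone using Cyrillic U+0456.
    for sample in ("https://app.uniswap.org/swap", "https://app.un\u0456swap.org/"):
        print(sample.encode("unicode_escape").decode(), check_host(sample))
```

Anything other than `official` should be treated as a reason not to connect a wallet; an `other` result only means the small sample table did not match, not that the site is safe.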
Staying secure also requires staying informed. Following on-chain investigators like ZachXBT and analysts like Scam Sniffer’s @realScamSniffer for real-time alerts, as well as public statements from industry leaders such as Hayden Adams, provides an early warning system for new and evolving attack vectors.