A new phishing scam called FreeDrain has been uncovered, targeting cryptocurrency enthusiasts by silently stealing funds from their wallets. This operation exploits social engineering tactics such as phishing and fake airdrops to deceive users into revealing sensitive information. Security experts highlight that off-chain vulnerabilities—including compromised private keys, infrastructure weaknesses, and insufficient decentralization—are increasingly driving decentralized finance (DeFi) hacks. These operational risks pose a major threat to the crypto ecosystem. Additionally, phishing remains a prevalent method for stealing social media accounts, with attackers tricking users into clicking malicious links or entering credentials on counterfeit websites.