An unwitting cryptocurrency holder has reportedly fallen victim to an eye-watering $4.46 million phishing scam.

According to data from Etherscan, $4.46 million in Tether (USDT) was withdrawn from a Kraken crypto exchange wallet and eventually sent to an address ending “ACa7.”

Blockchain security firm PeckShield, has labeled the address as being owned by a phishing scammer.

Another blockchain scam platform, Scam Sniffer, suggested on Sept. 20 that the funds were sent to an address linked to a “fake Coinone crypto mining exchange."

Scam Sniffer linked to a user-created Dune Analytics dashboard, suggesting attacks of this nature have seen scammers steal approximately $337.1 million USDT in total, impacting as many as 21,953 individuals.

@tayvano’s Dune Analytics dashboard on USDT Approval Scams. Source: Dune Analytics.

Related: Crypto whale loses $24M in staked Ethereum to phishing attack

The Global Anti-Scam organization says this type of approval mining scam usually tricks victims into authorizing unlimited withdrawals from their cryptocurrency wallet.

“When you create a self-custody crypto wallet [...] you obtain a "private key" that is safeguarded through encryption. However, the fraudsters do not need your seed phrase,” GASO said, explaining on its website that when a victim clicks to partake in the fake mining pool, they’re clicking on a button that will request a $10 to $50 network fee in Ether (ETH).

While it seems reasonable, GASO suggests it is part of to trick the user:

“This is merely a front to obtain your digitally signed authorization, allowing unlimited access to your wallet via the USDT smart contract.”

Magazine: Asia Express: Thailand’s national airdrop, Delio users screwed, Vietnam top crypto country