Crypto Phishing Losses Drop 83% to $83.85 Million in 2025
Crypto phishing losses significantly decreased in 2025, but the threat persists in different forms. Scam Sniffer's analysis indicates:
- Phishing losses fell to $83.85 million, an 83% drop from 2024.
- Affected wallets decreased by 68%, totaling around 106,000.
- Only 11 incidents exceeded $1 million, down from 30 the previous year.
- The largest theft involved a $6.5 million Permit signature attack.
Market activity influenced losses, with the third quarter reaching $31 million as Ethereum rallied. August saw $12.17 million in losses, while December had the least at $2 million. This indicates fraudsters target busy trading times.
Permit and Permit2 signature abuses were primary drivers of large losses. New techniques like EIP-7702 batch signatures emerged post-network upgrades, exploiting user approval flows instead of smart contract bugs.
The decrease in losses is attributed to improved wallet warnings, approval revocation tools, and active onchain monitoring. However, reduced totals don't imply complete safety. Phishing remains cyclical, likely to spike during rallies or with new signing features.
Security measures advised include checking approvals, avoiding blind signing, and using wallet tools for flagging risks. Despite oversight from regulators and exchanges, users and wallet software remain crucial in preventing attacks.