{"id":2106,"date":"2026-01-04T11:55:22","date_gmt":"2026-01-04T16:55:22","guid":{"rendered":"https:\/\/www.decentralnetwork.org\/news\/?p=2106"},"modified":"2026-01-04T11:55:26","modified_gmt":"2026-01-04T16:55:26","slug":"crypto-12","status":"publish","type":"post","link":"https:\/\/www.decentralnetwork.org\/news\/crypto-12\/","title":{"rendered":"Crypto Phishing Losses Drop 83% in 2025 as Scams Slow Down"},"content":{"rendered":"\n
\"Crypto<\/figure>\n\n\n\n

Crypto phishing losses fell sharply in 2025, signaling a major slowdown in one of the industry\u2019s most persistent threats. According to a new report from Scam Sniffer, users lost about $83.85 million<\/strong> to signature-based phishing attacks this year \u2014 an 83% drop<\/strong> from the $494 million<\/strong> recorded in 2024.<\/p>\n\n\n\n

The decline wasn\u2019t limited to dollar losses. The number of victims also dropped significantly, falling 68% to 106,106 users<\/strong>, compared with more than 332,000 victims<\/strong> last year. Large-scale phishing attacks became far less common, with incidents exceeding $1 million dropping to just 11 cases<\/strong>, down from 30 in 2024<\/strong>.<\/p>\n\n\n\n

The report focuses specifically on wallet drainer attacks carried out through phishing websites on EVM-compatible blockchains<\/strong>. It excludes direct hacks, exchange breaches, and smart contract exploits, offering a clearer picture of how signature-based scams are evolving.<\/p>\n\n\n\n

Losses peaked during market excitement<\/h3>\n\n\n\n

While overall losses were much lower, phishing activity still followed familiar market patterns. The third quarter of the year saw the highest losses, totaling $31.04 million<\/strong> across nearly 39,900 victims<\/strong>. This spike coincided with Ethereum\u2019s strongest rally of the year, reinforcing the idea that higher trading activity creates more opportunities for scammers.<\/p>\n\n\n\n

Q3 alone accounted for 37% of total annual losses<\/strong>, even though it represents just one-quarter of the year. August and September together contributed $23.95 million<\/strong>, or 29% of the yearly total<\/strong>, during a period of heightened market participation.<\/p>\n\n\n\n

Despite the increased activity, the average loss per victim<\/strong> in Q3 fell to $778<\/strong>, down from $969 in Q1<\/strong>, suggesting users may be getting better at limiting damage or spotting scams sooner.<\/p>\n\n\n\n

By contrast, the fourth quarter saw a steep decline as markets cooled. Losses dropped to just $13.09 million<\/strong> across 22,592 victims<\/strong>, with December<\/strong> recording the lowest monthly total of the year at $2.04 million<\/strong>.<\/p>\n\n\n\n

Scam Sniffer summed it up clearly: more market activity means more potential victims, as phishing thrives on user engagement rather than technical breakthroughs.<\/p>\n\n\n\n

EIP-7702 exploitation emerges<\/h3>\n\n\n\n

Attackers also adapted to new technology. Shortly after Ethereum\u2019s Pectra <\/a>upgrade<\/strong>, scammers began exploiting EIP-7702 account abstraction<\/strong>, allowing them to bundle multiple malicious actions into a single signature.<\/p>\n\n\n\n

The largest EIP-7702-related incidents occurred in August<\/strong>, totaling $2.54 million<\/strong> across two attacks. Meanwhile, Permit and Permit2 signatures<\/strong> were responsible for $8.72 million<\/strong> across three major cases, accounting for 38% of large-case losses<\/strong>.<\/p>\n\n\n\n

Other methods included transfer-based attacks ($4.87 million<\/strong>) and approve or increaseApproval signatures ($5.62 million<\/strong> combined).<\/p>\n\n\n\n

The biggest theft of 2025 happened in September<\/strong>, when attackers stole $6.5 million<\/strong> in stETH and aEthWBTC using a Permit signature. Overall, large phishing cases totaled $22.98 million<\/strong>, making up 27% of the year\u2019s losses<\/strong>, with most occurring during peak market months.<\/p>\n\n\n\n

While the sharp drop in losses is encouraging, the report shows phishing remains closely tied to market momentum \u2014 meaning vigilance is still essential during crypto rallies.<\/p>\n\n\n\n

Also Read: Why Crypto\u2019s Quiet Evolution May Be the Key to Mass Adoption<\/a><\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Crypto phishing losses fell sharply in 2025, signaling a major slowdown in one of the industry\u2019s most persistent threats. According … <\/p>\n

Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":2107,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[9],"tags":[2884,2889,2891,2890,2892,2885,2893,2886,2887,2888],"class_list":["post-2106","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency","tag-crypto-phishing-losses-2025-report","tag-crypto-phishing-losses-drop-83-percent","tag-crypto-scams-during-market-rally","tag-crypto-wallet-security-awareness","tag-eip-7702-phishing-exploitation","tag-ethereum-phishing-scams-2025","tag-phishing-attacks-on-evm-blockchains","tag-scam-sniffer-crypto-phishing-report","tag-signature-phishing-crypto-losses","tag-wallet-drainer-phishing-attacks-crypto","resize-featured-image"],"jetpack_featured_media_url":"https:\/\/www.decentralnetwork.org\/news\/wp-content\/uploads\/2026\/01\/Untitled-design-2026-01-04T222337.646.webp","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.decentralnetwork.org\/news\/wp-json\/wp\/v2\/posts\/2106","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.decentralnetwork.org\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.decentralnetwork.org\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.decentralnetwork.org\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.decentralnetwork.org\/news\/wp-json\/wp\/v2\/comments?post=2106"}],"version-history":[{"count":1,"href":"https:\/\/www.decentralnetwork.org\/news\/wp-json\/wp\/v2\/posts\/2106\/revisions"}],"predecessor-version":[{"id":2108,"href":"https:\/\/www.decentralnetwork.org\/news\/wp-json\/wp\/v2\/posts\/2106\/revisions\/2108"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.decentralnetwork.org\/news\/wp-json\/wp\/v2\/media\/2107"}],"wp:attachment":[{"href":"https:\/\/www.decentralnetwork.org\/news\/wp-json\/wp\/v2\/media?parent=2106"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.decentralnetwork.org\/news\/wp-json\/wp\/v2\/categories?post=2106"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.decentralnetwork.org\/news\/wp-json\/wp\/v2\/tags?post=2106"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}