CryptoCurrency
Signature Crypto Phishing Losses Plunge 83% in 2025
Crypto phishing losses plunged 83% to $83.85 million in 2025 from $494 million the previous year, according to a Scam Sniffer report.
Summary
- Signature phishing losses fell to $83.9M in 2025, down sharply from $494M in 2024.
- Victim count dropped 68% as large phishing cases over $1M became far less common.
- Losses peaked during Q3 market rallies, then fell sharply as trading activity cooled.
Victims fell 68% to 106,106 from 332,000 in 2024, with the largest single theft dropping 88.3% to $6.5 million from $55.48 million.
Large cases exceeding $1 million declined 63.3% to 11 incidents from 30 in 2024. The data covers wallet drainer attacks via phishing websites on EVM-compatible chains, excluding direct hacks, exchange compromises, and smart contract exploits.
Q3 peak correlates with market rally
Third quarter crypto phishing losses totaled $31.04 million across 39,886 victims, coinciding with Ethereum’s strongest rally period. The quarter accounted for 37% of annual losses while representing one-quarter of the calendar year.
August and September combined for $23.95 million in losses, representing 29% of yearly totals during the market’s most active trading period. Average loss per victim stood at $778 in Q3, down from $969 in Q1.
Fourth quarter saw the sharpest decline with just $13.09 million in losses across 22,592 victims as markets cooled. December posted the lowest monthly total at $2.04 million with 5,313 victims.
“Market-Loss Correlation: Q3’s highest losses ($31M) coincided with ETH’s strongest rally. More market activity = more potential victims,” the report stated. “Phishing operates as a probability function of user activity.”
November presented an anomaly with losses surging 137% while victim count dropped 42%. Average loss per victim jumped to $1,225 from $580 in October, though the report characterized this as monthly fluctuation rather than confirmed trend.
EIP-7702 exploitation surfaces post-Pectra
Crypto phishing attackers exploited EIP-7702 account abstraction features shortly after the Pectra upgrade, bundling multiple malicious operations into single signatures.
August saw the largest EIP-7702 cases totaling $2.54 million across two incidents.
Permit and Permit2 signatures accounted for $8.72 million across three cases, representing 38% of large-case losses.
Transfer-based attacks totaled $4.87 million across two incidents, while Approve and increaseApproval signatures combined for $5.62 million across three cases.
The largest 2025 theft involved $6.5 million in stETH and aEthWBTC stolen via Permit signature in September.
A May attack extracted $3.13 million in WBTC through increaseApproval, while August saw $3.05 million in aEthUSDT stolen via Transfer signature.
Six of the 11 cases exceeding $1 million occurred during July through September, aligning with peak market activity. Total large-case losses reached $22.98 million, representing 27% of the yearly total.
