Crypto phishing losses plunge 83% to $84M, report finds

Source: Cryptonews Original Title: Crypto phishing losses plunge 83% to $84M, report finds Original Link: https://crypto.news/crypto-phishing-losses-plunge-83-to-84m-report-finds/ Crypto phishing losses plunged 83% to $83.85 million in 2025 from $494 million the previous year, according to a Scam Sniffer report.

Summary

• Signature phishing losses fell to $83.9M in 2025, down sharply from $494M in 2024.
• Victim count dropped 68% as large phishing cases over $1M became far less common.
• Losses peaked during Q3 market rallies, then fell sharply as trading activity cooled.

Victims fell 68% to 106,106 from 332,000 in 2024, with the largest single theft dropping 88.3% to $6.5 million from $55.48 million.

Large cases exceeding $1 million declined 63.3% to 11 incidents from 30 in 2024. The data covers wallet drainer attacks via phishing websites on EVM-compatible chains, excluding direct hacks, exchange compromises, and smart contract exploits.

Q3 peak correlates with market rally

Third quarter crypto phishing losses totaled $31.04 million across 39,886 victims, coinciding with Ethereum’s strongest rally period. The quarter accounted for 37% of annual losses while representing one-quarter of the calendar year.

August and September combined for $23.95 million in losses, representing 29% of yearly totals during the market’s most active trading period. Average loss per victim stood at $778 in Q3, down from $969 in Q1.

Fourth quarter saw the sharpest decline with just $13.09 million in losses across 22,592 victims as markets cooled. December posted the lowest monthly total at $2.04 million with 5,313 victims.

“Market-Loss Correlation: Q3’s highest losses ($31M) coincided with ETH’s strongest rally. More market activity = more potential victims,” the report stated. “Phishing operates as a probability function of user activity.”

November presented an anomaly with losses surging 137% while victim count dropped 42%. Average loss per victim jumped to $1,225 from $580 in October, though the report characterized this as monthly fluctuation rather than confirmed trend.

EIP-7702 exploitation surfaces post-Pectra

Crypto phishing attackers exploited EIP-7702 account abstraction features shortly after the Pectra upgrade, bundling multiple malicious operations into single signatures.

August saw the largest EIP-7702 cases totaling $2.54 million across two incidents.

Permit and Permit2 signatures accounted for $8.72 million across three cases, representing 38% of large-case losses.

Transfer-based attacks totaled $4.87 million across two incidents, while Approve and increaseApproval signatures combined for $5.62 million across three cases.

The largest 2025 theft involved $6.5 million in stETH and aEthWBTC stolen via Permit signature in September.

A May attack extracted $3.13 million in WBTC through increaseApproval, while August saw $3.05 million in aEthUSDT stolen via Transfer signature.

Six of the 11 cases exceeding $1 million occurred during July through September, aligning with peak market activity. Total large-case losses reached $22.98 million, representing 27% of the yearly total.