Crypto Phishing Losses Plunge 83% in 2025, Report Shows

The Web3 security landscape witnessed a significant positive shift in 2025, as detailed in Scam Sniffer’s Thursday report. Losses from crypto phishing attacks plummeted to $83.85 million, a stark contrast to the nearly $494 million recorded the previous year. This 83% reduction was accompanied by a 68% year-over-year drop in victim counts to approximately 106,000 individuals. The data, focusing on signature-based phishing targeting Ethereum Virtual Machine (EVM)-compatible chains, suggests a combination of reduced attack frequency and improved user awareness contributed to the downturn.

However, Scam Sniffer’s researchers explicitly warned against interpreting this sharp contraction as evidence that phishing threats have been eradicated. Instead, the analysis reveals a critical correlation: loss patterns tracked closely with broader cryptocurrency market cycles. Phishing escalates during periods of elevated on-chain activity and subsides when trading volumes cool. This indicates that phishing success operates more as a probabilistic function of overall user engagement—more potential targets online means more successful thefts—rather than representing a constant, unchanging threat level.

The influence of market cycles on phishing vulnerability was starkly illustrated in 2025’s quarterly data. The third quarter emerged as the most dangerous period for users, with total losses hitting $31 million. This surge coincided with Ethereum’s strongest price rally of the year, driving increased market participation. August and September alone accounted for nearly 29% of the year’s total losses, with August recording the annual peak of $12.17 million in stolen funds.

Conversely, December presented the inverse scenario. As market participation declined in the year’s final month, phishing losses contracted to just $2.04 million—the lowest monthly total recorded. The report also highlighted November as an unusual case. While overall losses were lower, the month featured fewer total victims but significantly higher average theft amounts per incident. This pattern demonstrates how sophisticated, targeted attacks against high-value holders can inflict substantial damage even when broad-based phishing campaigns show reduced activity.

While the frequency of large-scale incidents diminished, the potential for severe losses remained. In 2025, only eleven individual phishing cases exceeded $1 million in losses, collectively representing $22.98 million of the annual total. The single largest signature-based phishing theft involved $6.5 million, stolen in September through a Permit signature exploit. This technique manipulates token approval mechanisms to drain wallets without the user’s full comprehension.

The report notes that other attack vectors beyond signature phishing resulted in even more catastrophic individual losses. The most damaging incident of the year was a $50 million address poisoning scam, where attackers generated wallet addresses visually similar to legitimate ones. This exploit preys on users who verify only partial address characters before sending transactions. Another major breach led to $27.3 million stolen after private keys were compromised in a multi-signature wallet setup, highlighting that vulnerabilities persist even in supposedly secure, advanced custody arrangements.

The positive trend in phishing reduction aligns with a broader, though mixed, picture for crypto security. Recently, another blockchain security firm, PeckShield, reported that total losses from hacks and cybersecurity exploits across the entire industry reached approximately $76 million in December. While still a significant sum, this figure represents a 60% decrease from November’s $194.2 million, suggesting a possible industry-wide cooling of exploit activity as the year ended.

This security analysis arrives amidst other significant developments in the blockchain space, such as the Asian Development Bank’s (ADB) plan to develop a prototype for a cross-border securities transaction system using blockchain. Furthermore, the return of services like BlockFi enabling crypto withdrawals for eligible US users indicates a maturing regulatory and operational landscape. While assets like BNB and Bitcoin Cash continue their market trajectories, the overarching narrative from Scam Sniffer is clear: user vigilance must remain high, especially during bull markets, as the threat of sophisticated phishing adapts to the rhythms of the crypto economy.