Crypto Phishing Losses Plunge 83% in 2025, but Wallet Threats Persist

The year 2025 marked a notable decline in the financial impact of cryptocurrency phishing attacks, particularly those targeting wallet users. Total losses from wallet drainer scams reached $83.85 million, a steep drop from nearly $494 million in 2024, representing an 83% year-over-year decrease. The number of victims fell to 106,000, down 68% from the previous year, reflecting both fewer attacks and reduced exposure across the crypto ecosystem. Despite these encouraging numbers, experts warn that phishing risks remain present, and losses continue to fluctuate with market activity.

Wallet Drainers Remain a Persistent Threat

Scam Sniffer’s latest report on wallet drainer activity across EVM-compatible chains highlights that phishing scams continue to track market trends. Periods of high trading volume and strong asset rallies tend to increase user participation, creating more opportunities for attackers. For instance, the third quarter of 2025 coincided with Ethereum’s strongest price rally and the highest quarterly phishing losses, totaling $31 million.

Monthly losses showed significant variation, ranging from $2.04 million in December, the slowest month of the year, to $12.17 million in August, when phishing activity reached its highest level. August and September combined accounted for 29% of the year’s total losses, impacting 30,743 users. The largest single attack of the year occurred in September, with $6.5 million stolen via a permit signature, a sharp decline from 2024’s $55.48 million heist. Permit and Permit2 approvals continued to be the most effective methods for attackers, responsible for 38% of major losses.

 Phishing Trends and New Attack Techniques

Beyond these familiar methods, 2025 saw the rise of a new type of attack through EIP-7702, shortly following the Pectra network upgrade, which allowed attackers to execute several malicious operations within a single transaction signature. The largest incidents with this method occurred in August, causing $2.54 million in losses across just two cases.

Other major trends in 2025, as outlined by Scam Sniffer, show how phishing activity continued to change :

• Large-scale phishing attacks occurred less often than in 2024, reflecting a general decline in severe incidents.
• Within this reduced activity, only 11 events in 2025 resulted in losses above $1 million, compared with 30 the previous year.
• The average loss per victim fell to $790 in 2025 from $1,488 in 2024.

Blockchain Security Challenges Extend Beyond Phishing

Blockchain security remained a complex issue in 2025, with various threats impacting multiple sectors. SlowMist’s 2025 Blockchain Security & AML Annual Report recorded 200 security incidents resulting in $2.935 billion in losses, compared with 410 incidents and $2.013 billion in 2024.

Key insights from SlowMist reveal how losses were spread across ecosystems and project types:

• Ethereum suffered the highest losses among blockchain ecosystems at $183.25 million, followed by Solana with $17.45 million and Arbitrum with $17.10 million.
• Looking at project types, decentralized finance saw 126 incidents resulting in $649 million in losses, while centralized exchanges experienced 22 incidents totaling $1.809 billion.
• Among these, a single loss at Bybit accounted for $1.46 billion, showing the scale of financial exposure faced by major platforms.

Meanwhile, PeckShield reported that losses from cryptocurrency hacks and security breaches dropped to $76 million in December 2025, representing a 60% decline compared with November’s $194.27 million. Despite the overall decline, 26 major security incidents still occurred during the month. The most severe case involved a $50 million loss from an address poisoning scam, while another incident affecting a multi-signature wallet resulted in $27.3 million stolen.