Crypto phishing: Losses fall 83% in 2025, but wallets remain at risk

The year 2025 was marked by a clear reduction in the financial impact of phishing attacks in the world of cryptocurrencies, in particular those targeting wallet users. Total losses linked to wallet drainer scams amounted to $83.85 million, compared to nearly $494 million in 2024, a spectacular drop of 83% year-on-year. At the same time, the number of victims fell to 106,000, a decrease of 68% compared to the previous year. This development reflects both a decline in the number of attacks and a more limited overall exposure within the crypto ecosystem. Despite these encouraging indicators, experts point out that the risks linked to phishing remain very real and that losses continue to evolve in step with market activity.

Wallet thieves remain a persistent threat

Scam Sniffer's latest report on wallet thieves' activity on EVM-enabled blockchains shows that phishing scams remain closely correlated with market dynamics. Periods marked by high trading volumes and price increases on major assets attract more users, mechanically providing more opportunities for attackers. Thus, the third quarter of 2025 coincided with Ethereum's sharpest rally, while recording the highest quarterly level of phishing losses of the year, to the tune of $31 million.

On a monthly basis, losses fluctuated greatly. They went from $2.04 million in December, the quietest month of the year, to a peak of $12.17 million in August, when phishing activity peaked. The combined losses of August and September alone represented 29% of the annual totalaffecting 30,743 users. The largest attack of 2025 occurred in September, with $6.5 million stolen via a Permit signature. This amount, however, remains well below the record theft of $55.48 million observed in 2024. Permit and Permit2 mechanisms remain the most profitable attack vectors for fraudsters, representing alone 38% of the most significant losses.

Phishing trends and new attack techniques

Beyond the now well-known methods, the year 2025 saw the emergence of a new attack vector linked to EIP-7702, shortly after the update of the Pectra network. This development allowed attackers to execute multiple malicious actions within a single transaction signature.

The most notable incidents associated with this technique occurred in August, with two attacks alone resulting in $2.54 million in losses.

According to Scam Sniffer, several major trends are emerging for 2025:

• Large-scale phishing attacks were significantly less frequent than in 2024, reflecting an overall decline in the most severe incidents.
• In this context, only 11 events exceeded the million dollar loss threshold, compared to 30 the previous year.
• The average loss per victim dropped to $790 in 2025 from $1,488 in 2024.

Blockchain Security Challenges Go Beyond Phishing

Blockchain security has remained a complex issue throughout 2025, with threats affecting a wide range of sectors. SlowMist's 2025 Annual Report on Blockchain Security and Anti-Money Laundering records 200 security incidents having caused $2.935 billion in losses, compared to 410 incidents for a total of $2.013 billion in 2024.

SlowMist's findings highlight the distribution of losses according to ecosystems and types of projects:

• Ethereum concentrates the largest losses, with $183.25 million, followed by Solana ($17.45 million) and Arbitrum ($17.10 million).
• In terms of typology, decentralized finance recorded 126 incidents totaling $649 million in losses, while centralized exchanges suffered 22 incidents accounting for $1.809 billion.
• A loss recorded at Bybit alone reached $1.46 billion, illustrating the extent of the financial risks to which large platforms remain exposed.

Finally, PeckShield reports that losses from crypto hacks and breaches declined to $76 million in December 2025, a 60% decline from the $194.27 million recorded in November. This improvement did not, however, prevent the occurrence of 26 major incidents during the month, the most serious of which resulted in a loss of $50 million following a scam by address poisoning. Another incident, involving a multi-signature wallet, led to the theft of $27.3 million.