- The analysis revealed that victim counts dropped 68% year-over-year to approximately 106,000 individuals
- The single largest theft via signature-based phishing involved $6.5 million stolen through a Permit signature exploit in September
In a major relief for users, losses from crypto phishing attacks fell sharply in 2025, to $83.85 million from nearly $494 million the previous year, an 83% reduction.
Web3 security platform Scam Sniffer released findings Thursday documenting the sharp contraction in signature-based phishing targeting Ethereum Virtual Machine-compatible chains. The analysis revealed that victim counts dropped 68% year-over-year to approximately 106,000 individuals, suggesting both reduced attack frequency and improved user awareness contributed to the decline.
However, researchers cautioned against interpreting the data as evidence that phishing threats have been eliminated. Instead, loss patterns tracked closely with cryptocurrency market cycles, escalating during periods of elevated onchain activity and subsiding when trading volumes cooled. This correlation indicates phishing success operates as a probabilistic function of overall user engagement rather than a constant threat level.
The third quarter emerged as the year’s most dangerous period for phishing victims. Losses during that three-month span reached $31 million, coinciding with Ethereum’s strongest price rally of 2025. August and September alone accounted for nearly 29% of total annual losses, with August recording the year’s peak monthly figure of $12.17 million in stolen funds.
December presented the inverse scenario. As market participation declined during the year’s final month, phishing losses contracted to just $2.04 million — the lowest monthly total recorded.
November also displayed unusual characteristics despite lower overall losses, the report points out. That month featured fewer total victims but significantly higher average theft amounts per incident, demonstrating how sophisticated, targeted attacks against high-value holders can produce substantial damage even when broad-based phishing campaigns show reduced activity.
As per the report, large-scale phishing incidents became considerably rarer in 2025. Only eleven individual cases exceeded $1 million in losses, collectively representing $22.98 million of the annual total. The single largest theft via signature-based phishing involved $6.5 million stolen through a Permit signature exploit in September, a technique that manipulates token approval mechanisms to drain wallets.
Beyond signature phishing, other attack vectors produced even more severe individual losses. Last year’s most damaging incident involved a $50 million address poisoning scam, where attackers generated wallet addresses visually similar to legitimate ones, exploiting users who verify only partial address characters before sending transactions. Another major breach resulted in $27.3 million stolen after private keys were compromised in a multi-signature wallet configuration, highlighting vulnerabilities in supposedly secure custody arrangements.
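Address poisoning works because only the first and last few characters of an address get checked, so a wallet-side guard can compare the full recipient against saved contacts before sending. The sketch below is an added example, not code from the Scam Sniffer report; the addresses are constructed and the four-character display window is an assumption.

```python
from __future__ import annotations

PREFIX_LEN = 4  # leading hex chars a user is assumed to eyeball
SUFFIX_LEN = 4  # trailing hex chars a user is assumed to eyeball
HEX = set("0123456789abcdef")

# Constructed sample addresses (not real accounts).
LEGIT = "0x1a2b00112233445566778899aabbccddeeff9f3e"
POISON = "0x1a2bffeeddccbbaa998877665544332211009f3e"  # same edges, different middle
UNRELATED = "0x" + "7c" * 20
ADDRESS_BOOK = {"treasury": LEGIT}


def normalize(addr: str) -> str:
    """Lower-case a 0x-prefixed 20-byte address; raise on malformed input."""
    a = addr.strip().lower()
    if not (a.startswith("0x") and len(a) == 42 and set(a[2:]) <= HEX):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return a


def shared_edges(a: str, b: str) -> tuple[int, int]:
    """Count matching leading and trailing hex characters of two addresses."""
    x, y = a[2:], b[2:]
    lead = 0
    while lead < 40 and x[lead] == y[lead]:
        lead += 1
    trail = 0
    while trail < 40 and x[-1 - trail] == y[-1 - trail]:
        trail += 1
    return lead, trail


def check_recipient(recipient: str, book: dict[str, str]) -> tuple[str, str | None]:
    """Return ("known", label), ("lookalike", label) or ("unknown", None)."""
    r = normalize(recipient)
    known = {normalize(a): label for label, a in book.items()}
    if r in known:
        return "known", known[r]
    for addr, label in known.items():
        lead, trail = shared_edges(r, addr)
        # Same visible edges but a different full address: block and warn.
        if lead >= PREFIX_LEN and trail >= SUFFIX_LEN:
            return "lookalike", label
    return "unknown", None


if __name__ == "__main__":
    for candidate in (LEGIT, POISON, UNRELATED):
        print(candidate, check_recipient(candidate, ADDRESS_BOOK))
```

A "lookalike" verdict should stop the transfer until the user compares the entire address, since the match on the visible edges is exactly what the scam relies on.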
Recently, another blockchain security firm, PeckShield, reported that total losses from hacks and cybersecurity exploits across the industry reached approximately $76 million in December, representing a 60% decrease from November’s $194.2 million.