Phishing scams, assaults disguised as legit communication or web sites designed to steal funds and delicate data, price crypto customers over $12 million in August, up 72% from July, Web3 anti-scam service Rip-off Sniffer reported on Saturday.
Crypto phishing scams impacted 15,230 victims in August, a 67% enhance from July, with the only largest loss costing one person over $3 million, according to Rip-off Sniffer.
The Rip-off Sniffer staff additionally famous a “sharp escalation” in EIP-7702 signature scams. EIP-7702 is an Ethereum enchancment proposal that permits Externally Owned Accounts to behave as good contract wallets that may execute transactions and shift funds.
Scammers and hackers exploiting this functionality drained over $5.6 million in August via three separate assaults, Rip-off Sniffer mentioned.
Scams and cybersecurity exploits proceed to be an issue in crypto, with over $163 million stolen in August via malicious exercise. The persistent menace is a reminder for crypto customers to stay vigilant and observe good anti-phishing and anti-scam safety measures.
Associated: Venus Protocol recovers user’s $13.5M stolen in phishing attack
Good practices for staying protected towards phishing scams
Losses from crypto hacks and scams crossed $3.1 billion within the first half of 2025 amid more and more subtle assault strategies.
Scammers usually goal customers by posing as legit and well-known cryptocurrency exchanges, both organising pretend web sites with related URL addresses to legit exchanges or sending pretend communications to customers.
These communications embrace emails, textual content messages, and even physical letters sent through the mail, designed to steal delicate person data, together with seed phrases for crypto wallets and passwords to on-line accounts.
Usually, the scammers will faux to be customer support brokers from respected exchanges, claiming that the person’s account is going through some kind of menace or cybersecurity challenge and demand private data from the person, together with seed phrases.
Good practices to avoid phishing scams embrace checking URLs for tiny errors and bookmarking pages as a substitute of utilizing engines like google or the search bar to entry web sites each time, verifying web site hyperlinks, and avoiding downloading attachments or clicking hyperlinks from unknown sources.
Phishing scams usually comprise misspelled phrases or grammatical errors, and any of those errors is a pink flag; customers ought to learn via messages rigorously to detect such errors.
Crypto and Web3 customers also needs to use digital non-public networks (VPNs) to masks their IP addresses and bodily areas, by no means give out seed phrases or passwords, and allow two-factor authentication for delicate on-line accounts.
Journal: $55M DeFi Saver phish, copy2pwn hijacks your clipboard: Crypto Sec
