Phishing scams decline for third straight month as losses drop 48% in February
Crypto anti-scam platform Scam Sniffer has reported that the amount lost to phishing scams in February was $5.32 million, a 48% decline compared to the January losses. In a post on X, the platform noted that the total number of victims of 7,442 addresses also marks almost a 20% month-over-month decrease.
With these numbers, the amount lost to phishing scams has declined for three consecutive months, going back to December 2024. Between December 2024 and January 2025, the losses fell by more than 50%, from $23.58 million to $10.25 million. This translated into a 77% quarterly decline between February 2025 and December 2024.
However, the crypto security experts noted that crypto users should not take that opportunity to let their guard down as the bad actors continue to prowl and wait for who to attack next.
Meanwhile, most of the biggest losses due to phishing in February happened on the Ethereum network, with the biggest being a $771,000 loss due to Address poisoning. Another victim also lost $611,000 on Ethereum due to a Permit, while one user on BNB Smart Chain had $610,000 stolen because they failed to revoke a phishing approval. The approval was granted 385 days ago, highlighting the need always to revoke old approvals.
Address poisoning gaining prevalence as experts advise caution
Interestingly, phishing scams due to address poisoning appear to be gaining momentum. Apart from the biggest phishing scam last month, where the first four and last six characters of the fake addresses matched, SamSniffer reported other incidents. In another instance, this led to a loss of $104,685.
Address poisoning is a form of scam where bad actors interact with wallets using similar addresses to trick unknown users into sending funds to the wrong address. Scammers usually create this impression using zero-value transfers or fake tokens, leading users to copy these fake addresses from their block explorer or wallet history and send funds to the wrong person.
According to Revoke.cash, it is now very important to double-check addresses before sending funds. They advised against copying addresses from transaction history, noting that this could prove costly even though it is the easiest thing to do.
Instead, users should always copy addresses directly from the main source every time they plan to send funds or simply use the ENS name for peer-to-peer transactions on Ethereum. They noted that the previous advice of checking the first four and last six characters may no longer be applicable as scammers create fake addresses that meet this parameter.
Crypto losses in February reached $126 million outside of the Bybit hack
While the amount lost to phishing scams declined in February, the overall losses in the industry reached $1.53 billion, according to data from blockchain security firm Certik. The Bybit $1.4 billion theft on February 21 accounted for a chunk of this.
However, the amount lost, excluding Bybit theft, was $126 million, representing an increase of 28.5% compared to the $98 million stolen in January 2025. The hack of stablecoin payment firm Infini, which resulted in a loss of $49.5, also contributed to this increase.
Despite the decline in phishing scams, Certik reported that they were still among the top three reasons for the loss of crypto assets in February. Wallet compromises were the major cause, followed by smart contract vulnerabilities.
Cryptopolitan Academy: Tired of market swings? Learn how DeFi can help you build steady passive income. Register Now
Read More
Here’s Where Ethereum’s Last Line Of Defense Lies, According To On-Chain Data
Phishing scams decline for third straight month as losses drop 48% in February
Crypto anti-scam platform Scam Sniffer has reported that the amount lost to phishing scams in February was $5.32 million, a 48% decline compared to the January losses. In a post on X, the platform noted that the total number of victims of 7,442 addresses also marks almost a 20% month-over-month decrease.
With these numbers, the amount lost to phishing scams has declined for three consecutive months, going back to December 2024. Between December 2024 and January 2025, the losses fell by more than 50%, from $23.58 million to $10.25 million. This translated into a 77% quarterly decline between February 2025 and December 2024.
However, the crypto security experts noted that crypto users should not take that opportunity to let their guard down as the bad actors continue to prowl and wait for who to attack next.
Meanwhile, most of the biggest losses due to phishing in February happened on the Ethereum network, with the biggest being a $771,000 loss due to Address poisoning. Another victim also lost $611,000 on Ethereum due to a Permit, while one user on BNB Smart Chain had $610,000 stolen because they failed to revoke a phishing approval. The approval was granted 385 days ago, highlighting the need always to revoke old approvals.
Address poisoning gaining prevalence as experts advise caution
Interestingly, phishing scams due to address poisoning appear to be gaining momentum. Apart from the biggest phishing scam last month, where the first four and last six characters of the fake addresses matched, SamSniffer reported other incidents. In another instance, this led to a loss of $104,685.
Address poisoning is a form of scam where bad actors interact with wallets using similar addresses to trick unknown users into sending funds to the wrong address. Scammers usually create this impression using zero-value transfers or fake tokens, leading users to copy these fake addresses from their block explorer or wallet history and send funds to the wrong person.
According to Revoke.cash, it is now very important to double-check addresses before sending funds. They advised against copying addresses from transaction history, noting that this could prove costly even though it is the easiest thing to do.
Instead, users should always copy addresses directly from the main source every time they plan to send funds or simply use the ENS name for peer-to-peer transactions on Ethereum. They noted that the previous advice of checking the first four and last six characters may no longer be applicable as scammers create fake addresses that meet this parameter.
Crypto losses in February reached $126 million outside of the Bybit hack
While the amount lost to phishing scams declined in February, the overall losses in the industry reached $1.53 billion, according to data from blockchain security firm Certik. The Bybit $1.4 billion theft on February 21 accounted for a chunk of this.
However, the amount lost, excluding Bybit theft, was $126 million, representing an increase of 28.5% compared to the $98 million stolen in January 2025. The hack of stablecoin payment firm Infini, which resulted in a loss of $49.5, also contributed to this increase.
Despite the decline in phishing scams, Certik reported that they were still among the top three reasons for the loss of crypto assets in February. Wallet compromises were the major cause, followed by smart contract vulnerabilities.
Cryptopolitan Academy: Tired of market swings? Learn how DeFi can help you build steady passive income. Register Now
Read More