Crypto phishing scams cost users $5.29 million in April as attack tactics diversify

By: bitcoin ethereum news|2025/05/03 12:00:03
0
Share
copy
Crypto users lost $5.29 million to phishing scams in April 2025, according to the latest report from ScamSniffer. The scam reporting platform noted that this represents a 17% decline compared to March loss. However, the number of phishing victims increased substantially in April, with a total of 7,565 addresses affected by the attacks. This is a 26% increase compared to the 5,992 victims in March and highlights the evolving tactics by the scammers. The biggest loss in the month was $1.43 million lost by a whale due to signing several phishing signatures. This shows that high-value victims remain vulnerable, as the biggest attack in March was a whale who lost $1.82 million to a similar attack vector. There were other users who also lost significant amounts to signed phishing signatures. These include a user, 0xc1e4260cb, who lost $666,414 to a multipermit phishing signature, and 0x7C930969FCF who lost $234,000. Meanwhile, the second-biggest attack last month was $700,000 in losses by one user who copied the wrong address. Address poisoning has ranked as one of the leading causes of phishing scam losses this year, and it appears that this will continue. In this particular case, the victim copied a fake address that shared the same first six characters with the legitimate address, while the last four characters were the same except in different alphabet cases. Unsurprisingly, there were other significant losses due to address poisoning. In one case, another user lost $150,000 because they copied the wrong address, while 0xEFc4f1d5 also sent $467,175 to the wrong address for the same reason. Nevertheless, April is the month with the lowest crypto phishing losses this year, other than February, which had $5.32 million in losses. Scammers are devising new ways to attack users Meanwhile, April also saw scammers rely heavily on various means to target users. ScamSniffer identified fake “Solscan” ads on Google Search results as phishing links, noting that the spoof site was the leading search result on Google when a user searched for Solscan. It noted: “These phishing ads are designed to drain your wallet through malicious transaction signatures.” While the URL for the phishing link and the authentic page appear to be the same, clicking on the link actually redirects users to Solscaan.com. Google has removed the ad. Interestingly, fake Google ads were not the only means through which attackers are trying to exploit users. Ethereum Name Service lead developer Nick Johnson also identified another email phishing attack that targets Google accounts, with scammers deploying fake login pages using Google sites for credibility. With scammers relying on various techniques to target crypto users, security analysts continue to highlight how individuals can protect themselves against such attacks by identifying when they are being phished. ScamSniffer shared infographics on its page showing the various ways that scammers can initiate these attacks using Twitter, Discord, airdrop, scam adverts, and software compromise. It also identified all the popular phishing signatures that users can unknowingly sign and lose their assets. Meanwhile, Revoke Cash also posted necessary precautions for users to avoid address poisoning. These precautions include double-checking all the addresses before executing a transaction, not copying addresses from the transaction histories, and using wallets that support bookmarks or whitelisting. $364 million lost to crypto hacks in April Meanwhile, the over $5 million lost in phishing scams only accounts for a small percentage of the total crypto losses in April. According to blockchain security firm CertiK, a total of $364 million was lost to hacks and scams in April. One incident was responsible for $336 million of the losses, and it involved a social engineering attack resulting in the theft of 3,520 Bitcoins from one individual who had been holding the asset since 2017. On-chain sleuth ZachXBT confirmed that the victim was an elderly individual in the US. CertiK categorized this attack as phishing. By their metric, the loss from the incident, along with the $1.36 million lost to address poisoning, meant that the phishing category saw a total of $337 million in losses in April. Beyond this attack, hackers also exploited decentralized exchange KiloEX for $7.5 million, drained $5.8 million from Loopscale, and stole $5.5 million from the ZKSync airdrop contract. Bitcoin Mission and Term Labs also lost $2 million and $1.57 million, respectively. Cryptopolitan Academy: Want to grow your money in 2025? Learn how to do it with DeFi in our upcoming webclass. Save Your Spot Source: https://www.cryptopolitan.com/crypto-phishing-scams-in-april/

-- Price

--

You may also like

Semiconductor stocks plummet, yet Anthropic wants to create a 2nm chip

Abandoning TSMC and teaming up with Samsung. Anthropic launches a self-developed 2nm chip program, challenging Nvidia and starting a battle to break through computing power costs.

Where is Zhao Changpeng's billion-dollar investment going? YZi Labs' investment landscape fully revealed

Zhao Changpeng's billion-dollar new "family office" YZi Labs investment landscape revealed: 70% of the funds are committed to the crypto ecosystem, while 30% are cross-industry bets on AI and biotechnology, launching a new capital experiment in the post-Binance era.

Ethereum Foundation Report: A Basic Guide to Ethereum for Governments and Financial Institutions

The Ethereum Foundation has released this non-technical introductory report aimed at government officials, central banks, regulators, and corporate decision-makers, explaining how Ethereum works, how it is governed, how it differs from other blockchains, and how institutions and governments are alre...

A pre-announced harvesting case: After the cryptocurrency price dropped by 99%, the public chain Saga exited to transform into AI

True failure often isn't a single price drop, but rather a pricing mechanism that repeatedly rewards those who tell stories while repeatedly punishing those who believe in the stories.

When American giants collectively "defect" from Chinese AI models

Coinbase CEO publicly stated: the company has fully switched its AI to a Chinese model, cutting expenses in half while usage has doubled. Snowflake and Lindy are also doing the same thing—an unnoticed "AI model migration wave" is happening.

BIS Report Compliance Observation: The Real Risks of Stablecoins, Not Just "Depegging"

The issue with stablecoins is not just whether their price will decouple, but whether they can be integrated into a recognizable, monitorable, accountable, and regulated financial system.

Popular coins

Latest Crypto News

Read more
iconiconiconiconiconiconicon
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com