In 2025, losses from crypto phishing attacks plummeted by 83%. Is it due to increased security awareness or market cooling down?

The loss data from cryptocurrency phishing attacks in 2025 shows a significant improvement. According to the annual report released by Scam Sniffer, the losses caused by phishing attacks decreased from $494 million in 2024 to $83.85 million, a drop of 83%. The number of victims also plummeted from approximately 3.3 million to 106,106, a decrease of 68%. What does this data reflect? Is it progress in industry security defenses or changes in market activity itself?

Data Comparison: From Billions to Tens of Millions

This decline is quite significant. The loss amount has fallen from nearly $500 million to less than $100 million, and the number of victims has also dropped sharply. This indicates that two issues are occurring simultaneously: first, the average loss per victim may be decreasing; second, the total number of users encountering phishing is significantly reducing.

Attack Types Are Evolving, but New Threats Have Not Yet Become Mainstream

Permit signature remains the primary threat

Permit signature attacks are still the most common type of phishing. This attack method is widely recognized, and protections in user wallets and applications are relatively mature.

EIP-7702 malicious signatures are a new emerging threat

After the Ethereum Pectra system upgrade, EIP-7702 malicious signatures began to appear. Two major incidents occurred in August 2025. This indicates that attackers are continuously adapting to new technological environments, but overall loss data suggests that this new type of attack has not yet become a large-scale threat.

The Deep Relationship Between Phishing and Market Activity

Data shows that phishing losses have a clear positive correlation with market activity. This pattern is quite interesting:

• The higher the market activity, the greater the user engagement
• When users are active, overall transaction frequency increases, leading to more operations
• More user operations mean increased exposure to risks
• As a result, the proportion of affected users rises

Specifically, in Q3 2025, Ethereum prices experienced the strongest rally, and phishing losses during the same period reached the highest of the year at $31 million. This is not a coincidence but reflects an industry pattern: during a bull market, user activity is high, and phishing cases tend to increase accordingly.

How to Understand This Downward Trend

In my personal opinion, this 83% decrease may result from several factors working together:

First, user security awareness has improved. After years of education on phishing incidents, users are more alert to risks and more cautious when reviewing signature requests.

Second, security protections in wallets and applications have been enhanced. More wallets now include risk prompts, and their ability to intercept suspicious signature requests has improved.

Third, the market environment itself may be changing. The overall market activity in 2025 might be lower than in 2024, which would directly impact the total number of phishing cases.

Summary

The significant decline in cryptocurrency phishing attack losses in 2025—from $494 million to $83.85 million—and the 68% reduction in victims is a positive sign. However, this improvement does not mean the risks have disappeared. New types of attacks (such as EIP-7702 malicious signatures) continue to emerge, and the positive correlation between phishing losses and market activity reminds us: when the next market boom arrives, users need to stay vigilant. Progress in security defenses is beneficial, but user self-protection awareness is equally crucial.