Crypto Phishing Attacks Surge In August As Losses Hit $12 Million

Prominent web3 security outfit Scam Sniffer reports that crypto investors suffered an increased number of phishing scams in August. Notably, total assets lost to these scams during the last month represent an estimated 72% increase from July, representing a concerning development for the general crypto industry.

Crypto Whales Take Biggest Hit From Phishing Attacks

In an X post on September 6, Scam Sniffer provides an August 2025 security report covering phishing attacks on crypto wallets. The blockchain security firm notes that 15,230 victims lost a combined $12.17 million from all forms of phishing-related attacks. This data indicates a 72% increase in stolen funds and a 67% rise in victims compared to July’s $7.09 million in losses and 9,143 victims.

For context, phishing often involves fake websites, malicious smart contracts, or deceptive wallet prompts that trick users into giving hackers access to their digital assets. Once approved or shared, the funds are usually stolen instantly and cannot be reversed.

While phishing attacks often target retail investors, August’s data from Scam Sniffer highlights the disproportionate impact on crypto “whales.” ScamSniffer revealed that the top three single incidents drained $3.08 million, $1.54 million, and $1.00 million, respectively, totaling $5.62 million. Collectively, these cases made up 46% of overall monthly losses, demonstrating how hackers increasingly focus on high-value wallets.

The August report also draws attention to a new wave of batch-signature scams enabled by Ethereum’s EIP-7702 upgrade. EIP-7702 temporarily allows externally owned addresses (EOAs) to function like smart contract wallets.

This means users can access smart contract–level features without migrating to a new address. With EIP-7702, actions such as batching multiple transactions, setting automated spending caps, or integrating passkeys become seamless for everyday Ethereum interactions.

However, malicious actors have now exploited this mechanism to trick users into authorizing malicious bulk transactions, often bundled with legitimate requests. In parallel, attackers continue to exploit direct transfer scams, luring victims into sending funds straight into phishing contracts.

These vectors are harder to detect than traditional phishing attempts, as they appear embedded within standard DeFi and NFT interactions.

Crypto Market Overview

At press time, the total crypto market cap is presently valued at $3.77 trillion following a 0.16% gain in the past day. According to data from Chainalysis, over $2.17 billion was stolen from cryptocurrency wallets in the 2025 H1, which was higher than the total losses from 2024. This heightened figure, as well as the increased phishing losses in August, all reinforce the broader need for blockchain security, striking a balance between utility and protection against malicious actors.