Crypto Phishing: $5.2M Lost in April

Crypto Phishing Scams Surge, Causing $5.2 Million in April Losses

Cryptocurrency phishing scams continue to evolve, resulting in significant financial losses for unsuspecting users. In April 2025, over $5.2 million was stolen through phishing attacks, a 17% decrease from March's $6.37 million but a concerning 26% increase in victims, totaling 7,565 individuals.

Evolving Attack Methods Fuel Rising Victim Count

According to data from Scam Sniffer, a blockchain security firm, the most significant incident involved a phishing signature scheme, leading to a $1.4 million loss. Victims unknowingly approved fraudulent transactions, allowing attackers to drain their wallets.

Another concerning trend is address spoofing, where a user sent $700,000 to a fraudulent wallet address closely resembling a legitimate one. Attackers are increasingly leveraging social engineering across various platforms, moving beyond traditional phishing websites.

Yu Xian, founder of SlowMist, highlighted the use of AI-generated voice messages and personalized chats on platforms like Telegram. Compromised accounts send realistic voice clips mimicking trusted contacts, exploiting users' trust.

“Don't trust just one source. When money is involved, always verify with a second reliable source,” advises Xian.

This highlights the sophistication of modern crypto scams, mirroring a previous case where an elderly US citizen lost 3,520 BTC (over $330 million) in a social engineering scam. While blockchain investigators have frozen approximately $7 million linked to this theft, the incident underscores the need for enhanced security measures.

CertiK reported that the industry experienced $364 million in total losses due to hacks, scams, and exploits in April, with around $18.2 million recovered. This alarming statistic highlights the critical need for stronger security protocols and user education.

Protecting Yourself from Crypto Phishing

• Verify all communications: Never trust unsolicited messages or links. Always verify information directly through official channels.
• Use strong passwords and two-factor authentication: Enhance the security of your accounts to minimize the risk of unauthorized access.
• Be wary of suspicious websites and emails: Check URLs and email addresses carefully to avoid phishing sites.
• Regularly update your software: Keep your devices and applications up-to-date to patch security vulnerabilities.
• Use reputable exchanges and wallets: Choose trustworthy platforms known for their security measures.

Codeum provides comprehensive blockchain security solutions, including smart contract audits, KYC verification, and custom smart contract and DApp development, to help protect your projects and users from these evolving threats.