Why Experienced Web3 Users Are Prime Targets for Scammers

Human Error Fuels Web3 Security Breaches

A new report from Kerberus, a Web3 security company, identifies human behavior as the chief risk in Web3. CEO Alex Katz and CTO Danor Cohen explain the ongoing vulnerability of users and suggest protective measures.

Human Error Leads to Significant Losses

The report, "The Human Factor – Real-Time Protection Is the Unsung Layer of Web3 Cybersecurity (2025)," shows that user mistakes are a primary cause of crypto losses. In 2024, 44% of thefts were due to private key mismanagement, and human error contributed to 60% of breaches.

With 820 million active wallets by 2025, the threat is escalating. Katz notes scammers target both novices and veterans differently, with experienced users facing higher risks due to their extensive interactions with dApps and transactions.

Challenges for Seasoned Web3 Users

Cohen points out a common misconception that security failures occur due to a lack of tech understanding. Instead, users face an unrealistic cognitive load. The threat landscape evolves rapidly, and attackers exploit this, targeting user psychology rather than technical vulnerabilities.

Despite increased security spending in 2025, human-targeted attacks persist, causing $3.1 billion in losses. These attacks often bypass technical defenses, exploiting psychological triggers like urgency and familiarity.

Improving User Security

Cohen advocates for real-time protection, emphasizing that technology should assist users rather than rely solely on education. Users struggle to distinguish between legitimate and fraudulent platforms, making them susceptible to scams.

Recommendations for users include pausing before signing transactions, separating high-value assets using multiple wallets, and employing real-time transaction protection tools to analyze on-chain actions proactively.

Katz concludes that the goal is not to make users security experts but to implement safeguards that prevent financial losses.