In April 2025, phishing scams in the crypto sector resulted in over $5.2 million lost by more than 7,000 victims, despite a drop in overall dollar losses compared to March. Attackers are using increasingly sophisticated techniques, including phishing signature schemes and address spoofing, along with social engineering tactics. Experts stress the necessity for enhanced user security and education.
Crypto phishing scams are becoming increasingly sophisticated, and in April 2025 alone, attackers managed to siphon off a staggering $5.2 million from unsuspecting users, according to a study from blockchain security firm Scam Sniffer. While this amount represents a 17% decrease compared to March, where losses hit $6.37 million, the number of victims saw a sharp increase of 26%. In total, 7,565 individuals fell victim to various schemes last month, raising concerns about online safety in the crypto space.
The most significant incident reported in April involved what’s termed a phishing signature scheme, resulting in a $1.4 million loss. This method is particularly crafty; victims unknowingly approve fraudulent requests that enable attackers to empty their crypto wallets. Users are often tricked into signing digital approvals, which lead to unauthorised token transfers—all without their realisation.
Another noteworthy case reported involved address spoofing, or address poisoning, where a user lost $700,000 after mistakenly sending funds to a wallet with a deceptive resemblance to a legitimate address they’d previously used. This technique shows just how nuanced these scams are becoming, successfully exploiting users’ trust in familiar transaction patterns.
It’s not just old methods being used. Hackers are broadening their tactics and employing social engineering through messaging platforms like Telegram. Yu Xian, founder of the security firm SlowMist, has warned that scammers now create highly personalised experiences to mislead victims, using AI-generated voice messages mimicking those of trusted contacts. In one instance, a compromised Telegram account disseminated these personalised voice clips, further amplifying the threat level.
Xian also emphasized the importance of not relying on a single source for information. “When it involves money, always verify through another reliable source,” he recommended. This advice comes on the heels of a tragic case where an elderly American lost 3,520 BTC, valued at over $330 million, due to an elaborate social engineering scam.
In a positive turn, blockchain investigators, such as ZachXBT and the Binance security team, managed to freeze about $7 million related to the explained thefts. CertiK, another blockchain security provider, added that the total losses across the industry in April amounted to a staggering $364 million through various methods of attack, including hacks and scams. Of these, approximately $18.2 million has been recovered, highlighting some progress in rectifying these extreme losses.
These incidents illustrate how intertwined and sophisticated crypto scams have become. They underline the critical need for user education, secure wallet practices, and efficient anti-phishing measures to safeguard against these evolving threats in the digital currency ecosystem.
