Phishing Scams Drain $5.2 Million from Crypto Users in April 2025

In April 2025, crypto phishing scams swiped $5.2 million from over 7,500 users. Although this is a drop from March’s losses, victim numbers increased by 26%. Notably, scams are becoming more sophisticated, with tactics such as phishing signature schemes and address spoofing, necessitating better user education and security measures within the crypto space.

April 2025 saw a troubling trend in the crypto world as phishing scams netted a whopping $5.2 million from over 7,500 victims. This number represents a rather curious 17% drop from March’s $6.37 million in losses, but on the flip side, the number of individuals affected jumped by 26%. It appears that while the financial haul is down, the attackers are getting better at targeting users.

A report from Scam Sniffer, a blockchain security firm, revealed that the most shocking incident in April was a phishing signature scam. This one resulted in a staggering $1.4 million loss for a single victim. The essence of the scam revolves around victims unknowingly approving fraudulent requests. This, unfortunately, allows attackers to siphon off funds straight from wallets with those sneaky digital approvals.

Another alarming tactic noted by Scam Sniffer was address spoofing—often referred to as address poisoning. In one case, a user lost around $700,000 after mistakenly sending funds to an almost identical fake wallet address. Such incidents illustrate the lengths phishing attacks are taking these days. They’re not just about phishing websites anymore; it appears scammers are now tailouring attacks to user interactions on their favourite messaging platforms.

Yu Xian, the founder of blockchain security company SlowMist, points out a shift in tactics. Attackers have started to engage users through platforms like Telegram, employing AI-generated voice messages designed to confuse victims. Reports mention a Telegram account was compromised, leading to voice clips mimicking a trusted contact. These clips were eerily accurate due to previous recordings. Xian cautioned, “Don’t trust just one source. Always establish another reliable source for verification when money is involved.”

This worrying trend reflects an even larger case from earlier where an elderly citizen in the US lost about 3,520 BTC—valued at over $330 million—through a slick social engineering scam. Meanwhile, blockchain investigators, including ZachXBT and Binance’s security teams, have managed to recover about $7 million associated with this theft.

CertiK, another key player in blockchain security, pointed out that this Bitcoin heist was a big factor in the industry’s struggles during April. They reported that the crypto sector as a whole faced losses of around $364 million due to hacks and scams, although roughly $18.2 million have been recovered so far.

These latest developments serve as a wake-up call regarding the increasing complexity of crypto scams. They reveal an urgent need for enhanced user education, improved wallet security measures, and more effective anti-phishing tools to protect users in this rapidly advancing industry.