Crypto phishing losses took a big step back in February 2025, falling 48% to $5.32 million, marking the third straight month of declines after $10.25 million in January and $23.58 million in December, according to ScamSniffer’s data. That’s some good news, shared in an X thread on March 5 by the analysts, who also noted 7,442 victims got hit that month—down from 9,220 in January. It might mean folks are getting savvier about security or scammers are slipping up, but the drop’s a relief after a brutal year for crypto.
Still, the big-ticket scams are brutal. Address poisoning, where scammers tweak transaction histories to trick users into sending funds to fake addresses, nabbed $771,000 in Ethereum (ETH). A permit scam—where someone’s tricked into approving a bad transaction—cost another victim $611,000. On BNB Chain, unrevoked phishing approvals drained $610,000, and an “IncreaseApproval” attack, bumping up token limits for shady contracts, took $326,000. One wild case stood out: a victim lost over $607,000 because of a phishing approval they signed over a year ago. ScamSniffer’s urging people to clean up old approvals now, while Ethereum gas fees are cheap, to avoid similar hits.
But let’s not get too comfy—February still saw $1.53 billion in total crypto losses, an 18-fold jump from last year, mostly thanks to two massive hacks, per crypto.news and Immunefi’s report. Bybit took the biggest blow, losing $1.46 billion in a North Korea-linked attack, while stablecoin bank Infini got hit for $49.5 million. Seven smaller attacks, like zkLend’s $9.5 million and Ionic Money’s $8.6 million losses, rounded out the damage. So, while phishing losses are down, the crypto space is still a minefield—high-value scams keep popping off, and users need to stay sharp.
