Phishing scams surge in August 2025 with number of victims crossing 10,000 for the first time this year

ScamSniffer has disclosed a surge in the number of phishing scams and victims for August, marking a resurgence in phishing ￰0￱ crypto anti-scam platform disclosed this in its August 2025 phishing report, noting a 72% increase in the amount lost compared to ￰1￱ to the report , the amount lost to phishing scams in August was $12.17 ￰2￱ represents one of the highest this year and is a sign that the activity is seeing a ￰3￱ the first half of the year, losses to phishing scams reached a monthly high of $10.25 million in January and dropped to their lowest level at $2.80 million in ￰4￱ 2025 Phishing report () With the losses reaching the highest level in 2025, the number of victims also reached a new yearly ￰5￱ to the data, 15,230 users were victims of phishing scams in August, a 67% jump compared to July, when it was just 9,143.

It is also the first time this year that monthly victims have surpassed 10,000 users, with January having just 9,220. The biggest loss that month was a whale who lost $3.08 million on August 6 after signing a phishing ￰6￱ victim unknowingly approved a malicious transaction that transferred their aEthUSDT tokens to a phishing ￰7￱ from three users combined account for 46% of all the amount lost in ￰8￱ one of those incidents, the user lost $1.54 million after signing an EIP-7702 phishing batch ￰9￱ victim also lost around $1 million in cryptocurrencies and non-fungible tokens in similar circumstances. EIP-7702 batch-signature scams dominate phishing activity Meanwhile, ScamSniffer observed that August saw a surge in EIP-7702 batch signature scams, with this type of scam responsible for many of the losses in the ￰10￱ accounting for two of the top three biggest monthly losses, other users also suffered the same ￰11￱ include a victim 0x4897e losing $235,977 and 0x5ad31d losing $66,000 to batch transfers disguised as Uniswap ￰12￱ were several other incidents, leading security experts to identify a pattern of phishing scammers targeting addresses that upgraded to EIP-7702.

EIP-7702 is an Ethereum upgrade introduced by the Pectra upgrade that allows externally owned accounts (EOAs) to have smart contract ￰13￱ its goal was to improve Ethereum user experience by enabling EOAs to have temporary smart contract abilities, such as transaction batching, it has created a vulnerability for scammers to ￰14￱ said: This time attackers use batch transfers (vs previous batch approvals), routing through Uniswap Universal Router to appear legitimate. Interestingly, phishing attacks targeting the EIP-7702 have been happening since the Pectra upgrade in June, but it has increased recently, showing that bad actors are getting more adept at exploiting the ￰15￱ hackers mostly using automated sweeper attacks, they can steal any funds going into a compromised ￰16￱ concerns around the EIP-7702 vulnerability have become even more pronounced among World Liberty Financial WLFI token ￰17￱ founder Yu Xian also observed a few days ago that bad actors are using the features to steal funds from addresses holding ￰18￱ explained that scammers are gaining access to the private keys of the victims through phishing and setting up the EIP-7702 exploit mechanism for the ￰19￱ allows them to steal tokens from compromised addresses immediately once the tokens are ￰20￱ user has now asked the WLFI team to implement a direct transfer option to protect addresses on the WLFI whitelist that have already been ￰21￱ poisoning remains an issue Meanwhile, crypto users still have other phishing exploits to grapple with, as August is also seeing a rise in other phishing ￰22￱ observed that direct transfers to phishing contracts also increased in ￰23￱ prevalence of phishing ads might have contributed to this, with ScamSniffer noting that these malicious ads on Google Search use Google Sites to host fake DeFi ￰24￱ even ranked phishing sites as #1 for searches for DappRadar.

Interestingly, address poisoning remains a major issue for crypto users, with several victims losing funds to ￰25￱ user lost $636,559 after copying the wrong deposit address from their contaminated ￰26￱ is usually the case, the wrong and correct addresses have the same first six and last four ￰27￱ other users lost $500,000 and $19,000 to a similar ￰28￱ Difference Wire : the secret tool crypto projects use to get guaranteed media coverage