Key Takeaways:

• Crypto phishing scams surged 72% in August, costing $12M
• Over 15,000 victims reported, including a single $3M loss
• EIP-7702 signature exploits drained $5.6M across three attacks
• Best practices: verify URLs, avoid unknown links, use 2FA, never share seed phrases
  

$12M Lost as Phishing Scams Surge in August

Phishing scams are wreaking havoc across the crypto landscape, with losses climbing to over $12 million in August alone, according to data from Web3 security firm Scam Sniffer. The figure marks a staggering 72% increase from July, underlining how quickly scammers are adapting and scaling their attacks.

More than 15,230 victims were affected in just one month, a 67% jump compared to July. The single most devastating attack stripped one user of over $3 million, showing that even seasoned investors can fall prey to well-disguised phishing schemes.

The Scam Sniffer team highlighted a worrying trend: the rise of EIP-7702 signature scams. This Ethereum improvement proposal allows Externally Owned Accounts to function like smart contract wallets, enabling automated transactions. While the mechanism is designed to enhance flexibility, attackers are exploiting it at scale.

In August alone, EIP-7702 signature abuse drained $5.6 million across three separate attacks. These exploits represent the newest frontier in phishing and underscore the ever-evolving tactics hackers deploy to bypass user defenses.

Crypto phishing typically relies on deception. Fraudsters create fake websites that mimic exchanges or wallets, complete with nearly identical URLs, or send convincing emails, texts, and even letters masquerading as official communication. Once a victim clicks a malicious link or hands over sensitive data like passwords or seed phrases, funds can be drained within seconds.

How Crypto Users Can Stay Safe From Phishing Scams

The scale of phishing damage is not confined to one month. Across the first half of 2025, crypto hacks and scams totaled over $3.1 billion, driven by increasingly sophisticated attack methods. In August alone, malicious exploits drained over $163 million, showing that phishing remains a top threat alongside broader hacks.

The good news is that individuals can take proactive steps to protect themselves. Security experts stress the importance of vigilance in every online interaction. Bookmark official exchange and wallet pages instead of typing them into search engines, where fraudulent ads or spoofed sites often appear first. Always double-check URLs for subtle typos and inconsistencies, which are classic phishing red flags.

Equally important is scrutinizing communication. Phishing attempts often feature grammatical errors, awkward phrasing, or unrealistic urgency. If an email or message claims your account is “at risk” and demands immediate action, treat it with suspicion. Never share seed phrases, private keys, or account passwords, no legitimate exchange or support team will ever ask for them.

Crypto users should also bolster their defenses with technology. Two-factor authentication (2FA) adds a critical extra layer of security, making it far harder for attackers to compromise accounts. Using a virtual private network (VPN) can mask IP addresses and geographic locations, reducing exposure. And perhaps most importantly, avoid downloading attachments or clicking links from unknown sources.

As phishing schemes become more sophisticated, the stakes for crypto users continue to rise. Awareness, skepticism, and disciplined security practices are the only true shields against a problem that is now costing the industry tens of millions every month.