Over $9 Million Lost in November’s Phishing Scams, Affecting Over 9,200 Crypto Victims, Data Shows

November’s phishing scams have caused a devastating loss of $9.38 million, impacting more than 9,200 victims, with one unfortunate individual losing a staggering $661,000 in stETH within minutes, according to recent data from ScamSniffer, a leading blockchain analytics firm.

The report sheds light on the significant scale of phishing attacks in the cryptocurrency sector, highlighting both the financial impact and the disturbing trend of increased victimization despite a drop in the overall stolen amount compared to previous months. While the losses for November are notably lower than those in October ($20.2 million) and September ($45.8 million), the number of victims affected remains concerning.

The Largest Loss: $661,000 Stolen in StETH

ScamSniffer’s detailed analysis points to one of the most shocking cases, where a single individual lost a substantial $661,000 worth of stETH, a token representing Ethereum staked through the protocol. The theft occurred within a matter of minutes, underscoring the rapid and devastating nature of these attacks.

The blockchain analytics firm identified several high-profile incidents during the month. Among them were:

• $409,000 stolen in Wrapped Bitcoin (WBTC) on the Arbitrum network.
• $344,000 in Fetch.ai (FET) on Ethereum’s Uniswap platform.
• $220,000 in Tether (USDT) on the Ethereum network via direct transfer.

These cases reflect the persistent threats faced by crypto users, with malicious actors utilizing increasingly sophisticated tactics to deceive their victims into signing malicious transactions or providing private keys.

The Role of Malicious Signature Requests

A significant factor contributing to these losses has been the use of malicious signature requests, which ScamSniffer’s analysts describe as “the deadliest weapon” in phishing scams. By exploiting this method, attackers can manipulate users into unknowingly approving malicious transactions or signing away control of their digital assets. This tactic continues to pose a severe risk, especially as phishing scams become more complex and harder to distinguish from legitimate activities.

Phishing Scams Continue to Evolve

The report also highlights an alarming evolution in phishing tactics. Following the exit of the notorious Inferno Drainer scam, a new and increasingly dangerous threat has emerged—the Angel Drainer attack method. This shift suggests that scammers are constantly adapting and innovating, making it harder for users to stay ahead of threats and protect their funds.

Phishing remains one of the most insidious attack vectors in the crypto space, and while some losses have been mitigated, the overall frequency and sophistication of these scams are on the rise. ScamSniffer’s findings underline how essential it is for cryptocurrency users to remain vigilant and adopt better security practices, such as verifying links, avoiding unsolicited signature requests, and using hardware wallets for higher-value assets.

A Yearly Trend: The Cost of Phishing Attacks

The latest data also aligns with trends observed throughout 2024. In Q3, CertiK, another prominent blockchain security firm, reported that phishing-related losses soared to an eye-watering $343.1 million across 65 incidents. This makes phishing the most damaging attack vector of the quarter, with its devastating impact outweighing other types of security breaches.

Additionally, ScamSniffer pointed to some of the common routes through which these attacks are propagated. Fake accounts on X (formerly Twitter) have become one of the primary ways scammers trick users into visiting phishing websites. In second place are dubious Google ads, which often lead unsuspecting users to dangerous phishing portals that appear legitimate at first glance.

Is Phishing Getting Worse?

Despite a decrease in the total value stolen compared to the previous months, the 9,200 victims affected in November signify a worrying trend. Even though the value of losses dropped by 53% from October’s figures, the high number of individuals still falling victim to phishing attacks highlights how widespread and persistent this issue is within the cryptocurrency space.

As the crypto market continues to grow and attract new users, scammers are likely to ramp up their efforts. The frequency of phishing attacks could potentially increase as the market’s popularity draws in inexperienced users who may not yet be fully aware of the risks involved.

What Can Be Done to Protect Crypto Users?

In light of these alarming statistics, experts advise cryptocurrency users to take extra precautions to safeguard their digital assets. The crypto community has emphasized the importance of two-factor authentication (2FA), cold storage solutions, and careful scrutiny of links and signature requests to avoid falling prey to phishing scams.

Moreover, educating new users about the dangers of phishing and the evolving nature of cybercrime in the crypto world is crucial. As phishing methods become more sophisticated, vigilance and awareness will remain critical in minimizing losses and protecting investments.

Conclusion: A Constant Threat to Crypto Users

While the overall monetary loss from phishing scams in November has decreased compared to earlier months, the sheer number of victims and the growing sophistication of phishing methods remain concerning. With $9.38 million lost in a single month and the rise of new attack methods like Angel Drainer, it’s clear that phishing is an ongoing and evolving threat to cryptocurrency users.