News 
Coin Information 
About us 
Customer Service 
Blockchain security firm Scam Sniffer has revealed that crypto users lost approximately $6.3 million to signature phishing attacks in the first month of the year, highlighting a concerning shift in cybercriminal strategies. While the total number of victims declined by around 11% compared to December, the overall value stolen surged by a staggering 207%, signaling that attackers are now focusing on fewer but significantly wealthier targets.
This trend underscores a growing tactic known as “whale hunting,” where hackers deliberately target high-net-worth individuals instead of mass retail users. According to Scam Sniffer’s data, just two victims were responsible for nearly 65% of all signature phishing losses recorded in January. The largest single incident involved a user losing $3.02 million after unknowingly approving a malicious smart contract function such as “permit” or “increaseAllowance.”
Signature phishing scams exploit complex wallet permissions that are difficult for average users to interpret. By tricking users into granting unlimited token access, attackers can drain funds without requiring further transaction approvals. This makes signature phishing one of the most dangerous forms of crypto fraud, especially during periods of high on-chain activity.
Alongside signature phishing, address poisoning emerged as another major threat to crypto security in January. In one notable case, a single investor lost $12.25 million after sending funds to a fraudulent wallet address. Address poisoning works by creating lookalike wallet addresses that closely resemble legitimate ones, often matching the first and last characters seen in a user’s transaction history. Hackers rely on users copying addresses from past transactions without fully verifying the entire string.
The growing frequency of these attacks prompted Safe Labs, the team behind the popular multisig wallet formerly known as Gnosis Safe, to issue a security alert. The firm identified a coordinated social engineering campaign involving around 5,000 malicious addresses designed to deceive users into sending funds to incorrect destinations. Safe Labs emphasized that these attacks combine psychological manipulation with technical deception, making them particularly effective.
As crypto phishing scams become more sophisticated, security experts continue to urge users to carefully verify wallet addresses and transaction permissions, especially when executing high-value transfers. Vigilance remains one of the most effective defenses against evolving blockchain-based threats.
Comment 0