Crypto losses plummeted dramatically. Hackers grabbed just $49.3 million in February, way down from January’s massive $385 million haul, per Nominis data.
But security experts aren’t celebrating yet. The drop doesn’t mean crypto got safer – thieves just changed tactics. Instead of hitting big platforms with technical exploits, scammers now hunt individual users through phishing schemes, malicious approvals, and address poisoning tricks. These methods fool people into giving away their own crypto, which is much easier than breaking into fortified exchanges.
February’s pattern looked different. Most victims got tricked into granting permissions they didn’t understand – what security folks call “authorization abuse.”
Step Finance took the biggest hit. The Solana-based platform lost around $30 million in a breach that represented over 60% of all February crypto thefts. Large exchanges mostly stayed safe, but individual users became sitting ducks for social engineering attacks that exploit trust and confusing user interfaces.
PeckShield, a blockchain security firm, reported even lower losses at $26.5 million for February – the smallest monthly total since March 2025. They credit better controls and monitoring at exchanges and DeFi projects. And exchanges are fighting back hard. Bybit blocked over $300 million in unauthorized withdrawals during late 2025, stopping countless scams cold.
Still, the numbers stay ugly.
Chainalysis found that thieves grabbed $3.4 billion last year across all crypto platforms. That’s a lot of money, even with improved defenses. The real problem isn’t weak code anymore – it’s the messy intersection where technology meets human behavior. Users click things they shouldn’t. They trust fake websites. They give permissions without reading what they’re agreeing to.
Elliptic saw the same trend in their February analysis. Technical exploits dropped, but phishing schemes jumped. These scams trick users into revealing sensitive info, making them easy targets. Per Elliptic analysts, user education became crucial for fighting these evolving threats.
Binance announced new security measures on March 5. The exchange rolled out enhanced verification processes and educational resources. CEO Changpeng Zhao said user awareness was critical for reducing scam success rates. “We can build the best technical defenses, but if users fall for social engineering, our walls don’t matter,” he noted.
The FTC started monitoring the phishing surge closely. They issued warnings on March 8, telling consumers to stay alert about unsolicited communications asking for personal or financial data. The agency encouraged reporting suspicious activities to help track and prevent future scams.
ENISA, the EU’s cybersecurity agency, released a report on March 9 that detailed increasingly sophisticated phishing attacks in crypto. Attackers use advanced social engineering techniques that make it harder for people to spot fraudulent communications. The report stressed cross-border cooperation for tackling these scams effectively.
Not good news.
Coinbase detected over 1,000 phishing attempts targeting users in February alone. Chief Information Security Officer Philip Martin said technical defenses keep improving, but user education remains critical. “We’re seeing attackers get more creative with their social engineering tactics,” Martin explained.
A Kaspersky survey found that 42% of crypto users admitted uncertainty about recognizing phishing attempts. The March 6 report showed even seasoned investors can fall for sophisticated social engineering if they’re not properly informed. That’s a scary statistic for an industry built on self-custody principles.
The UK’s Financial Conduct Authority launched an initiative on March 8 to address rising phishing scams in crypto. The FCA plans collaboration with industry players to develop guidelines and best practices for reducing scam success rates. Regulators are clearly worried about social engineering’s impact on crypto investor security.
Kraken implemented an AI-driven system to detect phishing attempts. Chief Security Officer Nick Percoco said the system has already cut successful phishing attacks by 30% since its implementation in early February. “Machine learning helps us spot patterns that humans might miss,” Percoco noted.
Crypto.com rolled out enhanced user verification on March 9. The new process includes real-time alerts for suspicious activities and mandatory two-factor authentication for all transactions. CEO Kris Marszalek emphasized proactive measures for safeguarding user assets against social engineering tactics.
Australia’s ASIC issued a directive on March 8 urging crypto platforms to conduct regular security audits. The initiative aims to ensure exchanges maintain robust defenses against phishing and other fraudulent schemes. ASIC also called for increased transparency in reporting security breaches, seen as crucial for maintaining investor trust.
Japan’s FSA released a report on March 7 indicating rising phishing incidents targeting Japanese crypto users. The agency urged local exchanges to enhance security protocols and collaborate internationally to share threat intelligence. The global nature of these threats requires coordinated efforts to combat them effectively.
February’s 87% drop in crypto thefts sounds great, but experts warn the shift toward exploiting human error creates complex new challenges.
The shift toward user-targeted attacks coincides with broader cybercrime trends beyond crypto. FBI data shows romance scams alone netted criminals $1.3 billion in 2022, with many victims manipulated into purchasing cryptocurrency for fraudsters. Meanwhile, the Internet Crime Complaint Center reported a 183% increase in crypto-related complaints between 2021 and 2022. These statistics highlight how traditional fraud methods increasingly incorporate digital assets as both targets and tools.
Several major platforms experienced significant phishing campaigns during February’s apparent lull in technical exploits. MetaMask users faced a wave of fake browser extensions designed to steal wallet credentials, while hardware wallet manufacturer Ledger dealt with sophisticated email campaigns mimicking official communications. Security researchers at CertiK documented over 200 unique phishing domains created specifically to target Ethereum users, many featuring pixel-perfect replicas of popular DeFi interfaces that fooled even experienced traders.