Phishing scams focusing on cryptocurrency buyers intensified in August 2025, draining greater than $12 million from over 15,000 wallets throughout the sector.
Blockchain safety agency Rip-off Sniffer reported that these losses characterize a pointy month-over-month rise, climbing 72% in contrast with July. Notably, the variety of victims additionally grew, growing 67% over the identical interval.
Ethereum EIP 7702 Fuels Improve in Crypto Phishing Assaults
In line with the agency, about 46% of phishing losses got here from three high-value accounts, sometimes called whales. Collectively, these accounts misplaced $5.62 million, and one alone was exploited for $3.08 million.
Sponsored
Sponsored
In the meantime, Rip-off Sniffer recognized Ethereum’s EIP-7702 normal as the first device leveraged in August’s wave of assaults. The agency additionally famous an uptick in scammers tricking crypto customers into sending cash on to malicious contracts.
Crypto Phishing Scams in April. Supply: Rip-off Sniffer
EIP-7702 improves Ethereum wallets by briefly permitting externally owned accounts (EOAs) to operate like sensible contract wallets.
This allows handy options corresponding to batching transactions, setting spending caps, integrating passkeys, and recovering wallets with out altering addresses.
Nonetheless, attackers have turned these identical instruments right into a approach to speed up thefts.
Wintermute’s Dune Analytics dashboard exhibits that greater than 80% of delegate contracts tied to EIP-7702 contain malicious exercise. Notably, this has compromised greater than 450,000 pockets addresses since its implementation this yr.
Yu Xian, founding father of the safety firm SlowMist, famous that consciousness of how EIP-7702 may be weaponized stays low. He emphasised that organized prison teams have enthusiastically embraced the mechanism, exploiting it throughout Ethereum Digital Machine (EVM) ecosystems.
In mild of the surge, Rip-off Sniffer has suggested crypto customers to be way more cautious when interacting with pockets requests.
They recommend verifying domains, avoiding rushed approvals, and refusing signatures that grant limitless permissions or seem broader than obligatory.
Moreover, suspicious prompts tied to EIP-7702 contract upgrades or mismatched transaction simulations must also increase alarms.
