Crypto Phishing Scams Skyrocket 72% in August, Siphoning Over $12 Million from Investors

Digital bandits are having a field day—phishing attacks just ripped through the crypto space like never before.

August's alarming surge

Scammers pulled off a 72% increase in successful phishing schemes last month, netting over $12 million from unsuspecting holders. They're getting smarter, faster, and more convincing—while security measures struggle to keep pace.

The human factor remains the weakest link

Despite all the blockchain's cryptographic brilliance, it still can't fix people clicking shady links. Fake wallets, spoofed exchanges, and too-good-to-be-true airdrops continue to trap even seasoned traders.

Where's the money going?

Straight into anonymous wallets—laundered through mixers, converted to privacy coins, or funneled into offshore exchanges. Tracers are playing catch-up while criminals cash out.

Meanwhile, traditional finance regulators are probably nodding smugly—another reason to delay ETF approvals and cling to their 19th-century ledger systems.

Stay paranoid out there.

Ethereum EIP 7702 Fuels Increase in Crypto Phishing Attacks

According to the firm, about 46% of phishing losses came from three high-value accounts, often referred to as whales. Together, these accounts lost $5.62 million, and one alone was exploited for $3.08 million.

Meanwhile, Scam Sniffer identified Ethereum’s EIP-7702 standard as the primary tool Leveraged in August’s wave of attacks. The firm also noted an uptick in scammers tricking crypto users into sending money directly to malicious contracts.

EIP-7702 improves ethereum wallets by temporarily allowing externally owned accounts (EOAs) to function like smart contract wallets.

This enables convenient features such as batching transactions, setting spending caps, integrating passkeys, and recovering wallets without changing addresses.

However, attackers have turned these same tools into a way to accelerate thefts.

Wintermute’s Dune Analytics dashboard shows that more than 80% of delegate contracts tied to EIP-7702 involve malicious activity. Notably, this has compromised more than 450,000 wallet addresses since its implementation this year.

Yu Xian, founder of the security company SlowMist, noted that awareness of how EIP-7702 can be weaponized remains low. He emphasized that organized criminal groups have enthusiastically embraced the mechanism, exploiting it across Ethereum Virtual Machine (EVM) ecosystems.

In light of the surge, Scam Sniffer has advised crypto users to be far more cautious when interacting with wallet requests.

They suggest verifying domains, avoiding rushed approvals, and refusing signatures that grant unlimited permissions or appear broader than necessary.

Additionally, suspicious prompts tied to EIP-7702 contract upgrades or mismatched transaction simulations should also raise alarms.