Ethereum News Today:

In August 2025, phishing scams in the cryptocurrency sector reached a concerning peak, with over $12 million stolen from more than 15,000 wallets, according to reports from blockchain security firms Scam Sniffer and other industry analysts. This marks a 72% increase in losses from the previous month, underscoring a significant escalation in the sophistication and impact of such attacks [1].

The rise in phishing incidents was largely driven by the exploitation of Ethereum’s EIP-7702 standard, a recent upgrade designed to enhance wallet functionality by allowing externally owned accounts (EOAs) to temporarily operate like smart contract wallets. While this update introduced features like transaction batching and spending caps, it also created new attack vectors that cybercriminals quickly weaponized [1]. Scam Sniffer reported that over 80% of delegate contracts associated with EIP-7702 have exhibited malicious behavior since its implementation, compromising more than 450,000 wallet addresses [1].

Among the most notable victims were high-net-worth investors, or “whales.” The top three phishing incidents in August alone resulted in losses of $3.08 million, $1.54 million, and $1.00 million, collectively accounting for 46% of the month’s total losses [1]. These incidents highlight how attackers are increasingly targeting large portfolios, leveraging deceptive contract upgrades and wallet prompts to trick users into authorizing malicious transactions.

Scammers frequently disguise phishing attempts as legitimate interactions, often mimicking trusted platforms or embedding malicious transactions within routine DeFi and NFT operations. These tactics make phishing scams particularly difficult to detect, as victims may be unaware of the risks until funds are already compromised [2]. Additionally, attackers have begun using batch-signature attacks, where multiple requests are bundled together, making it harder for users to identify malicious components [1].

Security experts, including Yu Xian of blockchain firm SlowMist, have emphasized the growing threat of organized criminal groups exploiting Ethereum-based innovations. These groups operate across the EthereumETH-- Virtual Machine (EVM) ecosystem, distributing attacks that leverage both technical and social engineering methods. As a result, industry stakeholders are urging users to adopt safer practices, such as verifying domain names, avoiding rushed transaction approvals, and enabling two-factor authentication [1].

The broader crypto market also reflected the growing risks, with the total value stolen in 2025’s first half reaching $2.17 billion, surpassing the losses from the entire year of 2024 [1]. With phishing losses in August alone contributing significantly to this figure, the need for enhanced security protocols and user education has never been greater. Analysts stress that while innovations like EIP-7702 can improve user experience, they must be implemented with robust safeguards to prevent exploitation.

Source:

[1] Crypto Phishing Attacks Surge In August As Losses Hit $12 (https://bitcoinist.com/crypto-phishing-attacks-surge-august-losses-hit-12/)

[2] Phishing scams cost users over $12M in August (https://cointelegraph.com/news/phishing-scams-cost-users-12m-august-stay-safe)