Phishing scams have emerged as the leading security threat to the cryptocurrency industry in 2024, according to a report released by blockchain security firm CertiK. Phishing attacks, where hackers distribute fake links to steal sensitive information like crypto wallet keys, accounted for the most significant financial losses, totaling over $1 billion across 296 incidents.
The magnitude of these attacks is highlighted by the fact that at least three incidents resulted in losses exceeding $100 million. In one notable incident in May 2024, a trader lost $68 million due to an address-poisoning scam, though the funds were returned by the perpetrator 10 days later under pressure from increased scrutiny.
Despite the reduced overall number of cryptocurrency hacks in 2024, which saw a 52% decrease compared to 2022, the industry still lost over $2.3 billion to cybercriminals. Private key compromises were the second most costly threat of the year, resulting in $855 million in losses across 65 incidents.
The report anticipates phishing tactics will likely become more sophisticated in 2025, driven by advancements in AI technology. In response, industry players, including Binance and the Security Alliance led by white hat hacker Samczsun, are ramping up efforts to combat these threats, with Binance introducing measures like an “antidote” for address poisoning scams.