Blog

A new analysis has found cryptocurrency users who were hit by phishing scams last year lost a whopping $74.4 million, with Ethereum named the most vulnerable blockchain. 

According to a new analysis of the REKT Database from crypto experts CryptoCasinoscryptocurrency users lost more than $1.7 billion ($1,759,850,729) due to exploits and exit scams last year, with phishing proving one of the most prevalent issues. 

The analysis reveals the scams with the largest losses – also accounting for returned funds – and the most targeted blockchains, with phishing scams resulting in $74,487,764 lost.

A cryptocurrency phishing scam sees cybercriminals target users’ eWallet via schemes like fake websites, counterfeit tokens or coins, or fraudulent emails. Users are encouraged to share their private details or private keys, which scammers use to access and drain funds. 

While some targeted users hit by other scams could recover their lost sum, the data found that nobody who reported a loss due to phishing successfully regained their funds. 

Some blockchains were found to be more vulnerable to phishing scams than others, with the majority of losses recorded last year for Ethereum ($65,518,188), accounting for 91% of the total ($74.4 million). Arbitrum ($5.2 million lost) and Bitcoin ($768k lost) were also affected.

The analysis also shows that March is the riskiest month for cryptocurrency users, as the month reports the highest average losses ($28,911,395) due to phishing scams to date.  

Other common scams reported last year include access control exploits and rug pull exit scams. Control exploits see scammers exploit a system vulnerability to gain direct access to user credentials or data, resulting in $851,841,105 funds lost in 2023. 

Rug pull exit scams see scammers aggressively promote a token via fraudulent means and then liquidate invested funds without warning, resulting in losses of $412,204,346 last year. 

Ethereum was the blockchain most affected by access control exploits, with users losing a huge $482.7 million last year. The blockchain most vulnerable to rug pull exit scams came out as Binance, with users reporting $74.5 million lost. 

The five biggest cryptocurrency scams in 2023, based on lost funds 

As well as identifying which scam types result in the highest losses, the analysis reveals which blockchains are the most susceptible to cybercrime overall.

Ethereum was the most targeted blockchain in 2023, with a total of $729,979,524 lost. This is 273% higher than the average loss reported across all blockchains ($195,538,970). 

The second most affected blockchain was Bitcoin, with $265,791,155 lost. The most common scam Bitcoin users dealt with was access control attacks, followed by phishing. The third most targeted blockchain was Polygon, which saw users lose $124,218,285. 

Finally, crypto users who see funds stolen are unlikely to regain them, as just 10% of the total funds lost in 2023 ($1,961,967,015) were successfully returned.

A spokesperson from CryptoCasinos commented: "As cryptocurrency continues to grow in popularity among investors, so does the appeal to scammers – especially among volatile blockchains or vulnerable users. However, there are some telltale signs to look out for that may indicate you’re being targeted.

"The most obvious sign is if someone is typing to gain access to your private information, like security codes or login details. Do not share your personal information unless you are 100% sure the request is safe – especially if you’ve been randomly contacted over text or email. Also, be wary of ‘too-good-to-be-true’ returns, discounts, or tokens. If you know a cryptocurrency is particularly volatile, exercise caution before accepting investment support.

"Ensure that you are aware of how cryptocurrencies and blockchains work so that you can identify any discrepancies that may allude to ulterior motives. Make sure you only trade via reputable exchanges and always use a secure eWallet to hold funds."