Blockchain security firm Scam Sniffer reports a 207% spike in signature phishing attacks for January, with $6.27 million stolen from 4,700 wallets. Despite this surge, overall phishing losses across 2025 fell sharply compared to the previous year. Researchers link the rise to Ethereum‘s recent Fusaka upgrade, which lowered transaction fees and made mass-scale attacks like address poisoning more economically viable.
Signature phishing incidents surged in January with $6.27 million stolen from 4,700 wallets. This represented a 207% increase from December, according to blockchain security firm Scam Sniffer.
Total phishing losses for 2025 on Ethereum and EVM chains were $83.85 million across 106,106 victims. This marks an 83% decline in value and a 68% drop in victims compared to 2024.
Two wallets alone accounted for roughly 65% of last month’s stolen funds. One case involved $3.02 million taken via a permit and increaseAllowance attack on SLV and XAUt tokens.
The Fusaka upgrade’s reduction in Ethereum gas fees has altered scam economics. Researcher Andrey Sergeenkov found new address creation spiked, with many receiving less than $1 in stablecoins as a first transaction.
This pattern is consistent with large-scale address poisoning campaigns. Lower fees now make it viable to send millions of dust transactions, banking profits from a few high-value mistakes.
Wallets are introducing features to combat these threats. “Rabby does pre-execution simulation and will warn you if you’re interacting with known malicious smart contracts or if there’s hidden logic in the transaction,” said Tara Annison, head of product at Twinstake.
Metamask provides warnings for suspicious websites and transactions. Annison added that wallets are placing such security features “front and centre to avoid you signing something you shouldn’t.”
