Cryptocurrency Phishing Attacks Surge by 200%: Wallet Security Risks Fully Escalate, How Can Investors Protect Themselves?

Cybersecurity company Scam Sniffer released the January 2026 security report revealing a concerning trend in the cryptocurrency space: phishing attacks are becoming more targeted and devastating. Data shows that signature phishing attacks in January alone caused approximately $6.27 million in losses, affecting 4,741 victims.

Attack Escalation

At the start of 2026, the security situation in cryptocurrencies took a sharp turn for the worse. Unlike previous broad-sweep strategies, cybercriminals are now focusing their efforts on “whale hunting.” Scam Sniffer’s report indicates that just two high-net-worth victims accounted for nearly 65% of the total signature phishing losses in January.

The largest single loss reached $3.02 million, resulting from a user signing a malicious “permit” or “increaseAllowance” function. Once such authorization is signed, attackers gain unlimited transfer rights from the victim’s wallet, without needing separate approval for each transaction.

Double Threat

Currently, threats targeting crypto wallets mainly manifest in two highly specialized forms: signature phishing and address poisoning. Signature phishing involves tricking users into signing malicious smart contract authorizations. Address poisoning is more covert, utilizing users’ transaction habits to carry out precise strikes.

Attackers generate “vanity addresses” or “similar addresses” that closely resemble the user’s common addresses, with the first and last characters identical to the real address. They then send tiny or zero-value transactions to these fake addresses, causing them to appear in the user’s transaction history. When the user later needs to transfer funds to the real address and habitually copies from the history, they are very likely to select the “poisoned” address, resulting in all funds falling into the attacker’s hands.

Real Cost

The security incidents in January provide a brutal illustration of these two attack methods. In signature phishing, single losses have exceeded $3 million. Address poisoning losses are even more staggering, with one investor losing $12.25 million in a single incident after copying an incorrect address from transaction history.

This is not an isolated case. In December 2025, another victim lost $50 million using the same method. The attacker tested a transfer of 50 USDT, then immediately forged an address with the same first and last four characters for poisoning. When the victim made a large transfer and copied the address from history, it led to catastrophic consequences.

Defense Guidelines

In the face of increasingly sophisticated attack methods, ordinary users need to establish a multi-layered defense system, upgrading both operational habits and technical tools.

First, never copy addresses from transaction history. Address poisoning exploits this very habit. Manually entering addresses or using a contact list is a safer choice.

Second, before making any transfer, thoroughly verify the full alphanumeric string of the recipient address, rather than just checking the first and last few characters. For high-value transfers, performing a small test transaction is a crucial validation step. Once the address is confirmed correct, proceed with the large transfer.

Additionally, be cautious with every signing request. Carefully review the permissions requested before signing any smart contract authorization, avoiding granting unlimited or overly broad access rights.

Smart Protection

Technical measures are also an essential part of attack prevention. Using hardware wallets to store large assets is widely regarded as best practice, as it isolates private keys from the internet.

Enabling multi-factor authentication is equally important, but priority should be given to methods based on authenticator apps rather than less secure SMS verification. For frequently used addresses, storing them in the wallet’s address book or whitelist can effectively prevent losses caused by manual input errors or copying incorrect addresses.

Finally, keep wallet software and security tools up to date. Developers release updates to patch known vulnerabilities, which is fundamental to maintaining system security.

Digital gold also requires physical safes. Amid frequent security incidents, the cryptocurrency market is experiencing intense volatility. According to Gate行情 data, as of February 9, Bitcoin’s price is $70,638.2, with a market cap of $1.41 trillion and a 24-hour trading volume of $801.57 million. Meanwhile, Ethereum is priced at $2,084.02, and Solana remains stable at $87.22. Bitcoin holds a 56.14% market dominance. Safe Labs has identified coordinated attack activities involving about 5,000 malicious addresses, and Shiba Inu team has also issued a security warning to the community.