The drop from January’s $385 million in losses might look like progress, but security researchers say the more significant story is where the attacks are coming from.
Phishing campaigns climbed sharply during the month, with criminals sending fraudulent messages designed to get users to click malicious links or sign transactions they shouldn’t.
The most common method was authorization abuse. Victims were manipulated into granting wallet permissions without realizing what they’d approved.
Once those permissions were in place, attackers could move funds out freely. Private individuals bore the brunt of these attacks, not exchanges or large protocols.
PeckShield credited stronger risk controls and better security practices across the industry for part of the decline.
Bybit’s own numbers offer a window into how much active work that requires. The exchange said its fraud systems flagged roughly 350 high-risk addresses and stopped around 8,000 users from falling into potential scams — all in a single quarter.
Reports indicate that while large-scale protocol attacks appear to be easing, the rise in scams targeting everyday users signals that criminals are simply redirecting their efforts.
Better smart contract audits and stronger on-chain monitoring may be closing one door. But as long as people can be deceived into approving the wrong transaction, another door stays open.
Featured image from Trillium Mutual Insurance, chart from TradingView
