Over $9m lost in November phishing scams affecting 9.2k victims, data shows

November’s phishing scams led to a staggering $9.38 million in losses, impacting over 9,200 victims, with one individual losing $661,000 in stETH within minutes.

Phishing scams in November cost crypto users $9.38 million, according to ScamSniffer’s latest calculations, with more than 9,200 victims affected.

In an X thread on Tuesday, Dec. 3, the blockchain analytics firm said the largest loss involved a single individual who saw $661,000 in stETH, a utility token representing a share of the total Ethereum (ETH) staked through the protocol, vanish within minutes.

The report highlights several notable incidents: a $409,000 loss in WBTC on the Arbitrum network, a $344,000 loss in FET on Ethereum’s Uniswap platform, and a $220,000 loss in USDT on Ethereum via direct transfer. The analysts attribute much of the damage to malicious signature requests, saying this type of attack remains “the deadliest weapon.”

While the total stolen amount was down by 53% from October’s $20.2 million and September’s $45.8 million, the victim count remains troublingly high, the analysts warn. The firm noted that the phishing threat continues to evolve, with the exit of the infamous Inferno Drainer scam being followed by the rise of the Angel Drainer attack method.

Blockchain security firm CertiK estimates that losses from phishing attacks in Q3 soared to $343.1 million across 65 incidents. The analysts labeled phishing as the most damaging attack vector for the quarter. At the time, Scam Sniffer pointed out that fake accounts X were the leading cause of how victims ended up on phishing websites, while dubious Google ads were the second most common hook.