According to a report by blockchain analytics firm, AMLBot, social engineering and impersonation-related scams were the most common attack methods in the crypto incidents it investigated throughout 2025.
AMLBot’s analysis, based on roughly 2,500 internal cases, shows that about 65% of the security incidents in 2025 were driven by social engineering, such as compromised devices, weak verification processes, and delays in detection rather than flaws in blockchains or smart contracts themselves.
The firm said its findings reflect its own casework and shouldn’t be interpreted as an industry-wide measurement of crypto crime. But the data highlights a shift in threat tactics: attackers increasingly exploit human weaknesses, not technical vulnerabilities.
AMLBot’s report pointed to several key vectors, including device takeovers via chat scams, impersonation attacks, and other frauds that rely on tricking victims into giving up sensitive information. Phishing attacks typically involve sharing fraudulent links to capture private keys and wallet access, rather than cracking code or exploiting protocols.
2025 RECAP | Physical Wrench Attacks on Crypto Holders Surge 75% in 2025 Causing Millions in Losses, Says CertiK Report
Most Frequent Scam Types
By case count,
investment scams topped the list at 25%, followed by
phishing attacks at 18% and
device compromise incidents at 13%.
“Pig butchering” schemes and over-the-counter fraud each made up about 8% of cases, while
chat-based impersonation accounted for roughly 7%.
REPORT | Phishing Dominated Crypto Hacks in 2024, Says Latest CertiK Report
Impersonation and Losses
AMLBot traced at least $9 million in stolen crypto to impersonation-related attacks over the past three months, with CEO, Slava Demchuk, calling impersonation the most damaging form of social engineering.
“Attackers continue to exploit and trick victims by posing as trusted entities – sometimes as exchange support staff, investment partners, project managers, or reps,” Demchuk said.
He urged crypto investors to never share private keys or recovery phrases and to be highly cautious of urgent requests for fund transfers or wallet access which are common first steps in social engineering scams.
The report comes as crypto scams surged in January 2026 when scam actors stole around $370 million marking the highest monthly total in nearly a year, according to crypto security firm CertiK. Of that total, $311 million was attributed to phishing attacks, including a single social engineering scam that reportedly cost a victim around $284 million.
How an Elderly Citizen Lost $330 Million in Bitcoin Was Stolen Without a Hack
Stay tuned to BitKE on crypto updates.
Join our WhatsApp channel here.
Follow us on X for the latest posts and updates
Join and interact with our Telegram community
___________________________________________