Crypto Phishing Scams Exploit EIP-7702, Cost $12M in August

In August 2025, crypto phishing scams soared, with $12 million lost and over 15,000 victims recorded by Scam Sniffer. Attackers focused on exploiting EIP-7702 signature scams to drain wallets via crafted signatures. Three major incidents alone accounted for $5.6 million in theft. Scam Sniffer data shows a 72% month-on-month increase in phishing losses from July, and a 67% rise in victim counts. The largest single loss in August exceeded $3 million. Overall, malicious exploits caused over $163 million in combined losses across crypto and DeFi platforms. EIP-7702 signature scams allow Externally Owned Accounts to function as smart contract wallets. When abused, attackers trick users into signing transactions that transfer assets without immediate notice. These incidents highlight emerging risks to wallet security. To mitigate these crypto phishing scams, users should verify URLs, bookmark official sites, and inspect signature requests carefully. Employing hardware wallets, enabling two-factor authentication, using VPNs, and keeping software updated can prevent most phishing attempts. After any suspicious event, immediately revoke allowances, move funds to a new wallet, and report the incident to anti-scam services. Traders and custodians must prioritize layered defenses. Vigilance around EIP-7702 signature requests and strict wallet security practices will help protect digital assets from evolving threats.