Social engineering scams continue to be the primary threat to cryptocurrency users, as highlighted by 2025 data from WhiteBIT, a cryptocurrency trading platform, shared with CoinDesk.
The report from the exchange indicates that 40.8% of all crypto security incidents this year resulted from fraudsters deceiving victims through misleading investment offers or impersonation techniques.
Following closely, technical wallet hacks via phishing, malware, or keyloggers accounted for 33.7%. Messaging platforms, especially Telegram, were also identified as risk factors, with over 10% of scams involving “scrolling scams” that entice users into fraudulent channels.
“While attacks based on technology are significant, most threats exploit human behavior,” stated WhiteBIT’s compliance team in the report. “This underscores the importance of proactive security measures.”
This proactive security not only includes using two-factor authentication and trusted wallets and exchanges but also emphasizes the importance of never sharing sensitive information and thoroughly verifying URLs to ensure interactions are limited to official platforms.
These findings resonate with wider industry concerns. Certik reported nearly $2.5 billion lost to crypto-related crime in the first half of 2025 alone, while Chainalysis pointed out the Bybit hack, alleged to have been executed by North Korea’s Lazarus Group, as the most significant theft in crypto history, amounting to $1.5 billion.
To mitigate risks, WhiteBIT indicated that secure exchanges store the majority of user assets in cold wallets, utilize Web Application Firewalls, and conduct regular audits. The company affirmed it meets these standards and also holds cybersecurity certifications.
“The combination of these measures with vigilant user practices establishes a strong defense against the evolving threats in the crypto space,” added the exchange’s compliance team.
