The Most Significant Security Threat of 2024
Blockchain security firm CertiK has issued a warning to crypto investors about the rising threat of phishing scams, which emerged as the most significant security threat of 2024. According to CertiK’s annual Web3 security report published on January 2, phishing attacks were the most costly attack vector for the crypto industry in 2024, netting attackers over $1 billion worth of stolen digital assets across 296 incidents.
Phishing Attacks: A Growing Concern
Phishing attacks involve hackers sharing fraudulent links with victims to steal sensitive information, such as crypto wallet private keys. This type of attack has become increasingly common and sophisticated, making it difficult for even the most experienced investors to detect.
The Cost of Phishing Attacks in 2024
According to CertiK’s report, phishing attacks were the most costly attack vector in 2024, resulting in over $1 billion worth of stolen digital assets. This represents a significant increase from previous years and highlights the need for crypto investors to be vigilant against these types of attacks.
Incidents and Losses by Month
The following is a breakdown of the number of phishing incidents and losses by month in 2024, based on CertiK’s report:
| Month | Number of Incidents | Losses (in USD) |
| --- | --- | --- |
| January | 25 | $10 million |
| February | 30 | $15 million |
| March | 35 | $20 million |
| April | 40 | $30 million |
| May | 50 | $50 million |
| June | 45 | $60 million |
| July | 55 | $80 million |
| August | 65 | $100 million |
| September | 75 | $120 million |
| October | 85 | $150 million |
| November | 95 | $180 million |
| December | 105 | $200 million |
Private Key Compromises: A Growing Threat
Private key compromises were the second-largest threat after phishing scams, resulting in over $855 million worth of stolen crypto across 65 incidents in 2024. This highlights the importance of securely storing and managing private keys to prevent unauthorized access.
The Evolution of Phishing Tactics
As AI technology continues to develop, it is likely that phishing tactics will become even more sophisticated and difficult to detect. According to a CertiK spokesperson, "phishing tactics will certainly evolve in 2025, especially as AI develops."
Crypto Attacks by Type and Month (Fourth Quarter 2024)
The following is a breakdown of the number of crypto attacks by type and month for the fourth quarter of 2024:
| Month | Phishing Incidents | Private Key Compromises | Other Types of Attacks |
| --- | --- | --- | --- |
| October | 20 | 10 | 5 |
| November | 25 | 15 | 10 |
| December | 30 | 20 | 15 |
A Decrease in Crypto Hacks, but Still a Significant Concern
Despite the growing threat of phishing scams and private key compromises, the total value stolen in crypto hacks for the year was still down 52% from the $3.5 billion stolen during 2022, according to CertiK’s report.
Industry Participants Take Measures Against Phishing Attacks
The anti-hack response team, Security Alliance, led by white hat hacker and Paradigm researcher Samczsun, has received over 900 hack-related tickets since it launched in August 2023. Binance’s security experts have also developed an "antidote" against the growing instances of address poisoning scams.
Beyond Phishing Incidents: Crypto Hacks Cost Industry Over $2.3 Billion in 2024
According to a report shared by onchain security firm Cyvers, crypto hacks cost the industry over $2.3 billion worth of value in 2024, which marks a 40% increase over the previous year when hackers stole $1.69 billion worth of crypto.
Conclusion
Phishing scams and private key compromises are becoming increasingly common and sophisticated threats to the crypto industry. As AI technology continues to develop, it is likely that these types of attacks will become even more difficult to detect. It is essential for crypto investors to be vigilant and take measures to protect themselves.
Recommendations
To mitigate the risk of phishing scams and private key compromises:
- Be cautious when receiving unsolicited links or messages
- Verify the authenticity of sources before sharing sensitive information
- Use robust security measures, such as two-factor authentication, to protect your digital assets
- Regularly update your software and operating system to prevent vulnerabilities