Crypto investor lost $3 million as a result of a phishing attack

A cryptocurrency investor lost more than $3 million in USDT after signing a malicious transaction on the blockchain. The case highlighted that social engineering is often more effective than sophisticated attacks on cybersecurity systems.

According to data from the Lookonchain analytics platform, the user did not check the full contract address before signing the transaction and, as a result, lost $3.05 million. “Be vigilant. One wrong click can empty your wallet. Never sign a transaction that you don’t fully understand,” analysts noted.

Phishing attacks in the cryptosphere rely on the trust of victims and the use of fake links. Fraudsters often count on users checking only the first and last characters of wallet addresses without verifying the entire string. Visual abbreviations used by platform interfaces increase vulnerability.

The incident was reminiscent of another attack that occurred this Sunday. In that case, the victim lost assets worth over $900,000 458 days after unknowingly signing a similar transaction intended to empty their wallet.

Although $3 million is a significant amount, it pales in comparison to the record-breaking attack in May 2024, when fraudsters stole $71 million through a “wallet poisoning” scheme. In that case, the attacker unexpectedly returned the funds two weeks later after coming under pressure from international investigations that traced his alleged IP address to Hong Kong.

Experts warn that cases of such fraud will continue to grow until users develop the habit of carefully checking each transaction. Against the backdrop of rising cryptocurrency prices, attackers are increasingly shifting from attacks on smart contract codes to exploiting human vulnerabilities.