Phishing and wallet drainer attacks have emerged as major threats in the evolving landscape of cybercrime. These attacks not only intensified but also diversified across multiple platforms and threat vectors, targeting both individuals and organizations. Industries such as cryptocurrency exchanges and financial services continue to face mounting losses due to sophisticated phishing lures and automated wallet drainers.
As wallet technologies and phishing kits become more accessible, the risk landscape expands rapidly. This article explores the latest statistics and trends shaping the phishing and wallet draining ecosystem, offering a data-driven snapshot of the current threat environment.
Editor’s Choice
$1.93 billion in cryptocurrency was stolen through wallet drainers and phishing scams in the first half of 2025 alone.
Phishing attacks have increased by 31% year-over-year, with wallet-specific lures targeting DeFi and NFT users.
Business Email Compromise (BEC) scams in 2025 average $4.67 million in losses per attack.
AI-generated phishing emails saw a 70% increase in 2025, bypassing traditional filters with higher success rates.
Voice phishing or vishing surged by 449%, indicating the rise of voice-based social engineering scams.
Over 38% of BEC phishing emails originated from U.S.-based IP addresses in Q3 2025.
The average cryptocurrency wallet drainer attack leads to losses between $2,000 and $35,000 per victim.
Recent Developments
Phishing incidents increased by 31% globally in the first half of 2025 compared to the same period in 2024.
Over 1 million phishing websites were detected in Q1 2025 alone, up from 850,000 in Q4 2024.
AI-generated phishing content is now involved in more than 17% of phishing campaigns, making detection harder.
Deepfake videos and synthetic voice calls are increasingly being used in phishing campaigns, particularly in executive impersonation attacks.
In April 2025, MetaMask users reported more than $10 million in wallet thefts from phishing sites posing as DeFi tools.
According to blockchain analysis firms, wallet drainer kits were responsible for over $400 million in losses in early 2025.
Quishing (QR code phishing) attacks grew by 28% as more attackers leveraged mobile-first interfaces.
Microsoft 365 accounts are frequently targeted, with credential phishing responsible for 60% of account takeovers.
Telegram, Discord, and other messaging platforms are being used to disseminate phishing links and wallet drainer payloads.
Phishing-as-a-Service (PhaaS) kits on the dark web have proliferated, making it easier for low-skilled actors to deploy wallet drainers.
Data Breach Costs by Incident Type
Malicious Insider breaches are the most expensive, averaging $4.92 million per incident.
Supply-chain breaches closely follow at $4.91 million, highlighting elevated third-party risk exposure.
Phishing attacks cost organizations an average of $4.80 million per breach.
On-premises breaches remain the least costly yet significant, averaging $4.01 million per incident.
(Reference: Bright Defense)
Wallet Drainer Losses
Financial Impact
Industries Most Targeted by Phishing Attacks
(Reference: Statista)
Attack Methods
Credential Theft
Phishing Attack Volume and Frequency Statistics
Brand Impersonation
Social Engineering
Phishing Victim Demographics and Susceptibility
Multi‑Channel Attacks
Targeted Wallets
BEC Statistics
Regional Trends
Emerging Trends
Recovery Rates
Frequently Asked Questions (FAQs)
Conclusion
Phishing, BEC, and wallet drainer threats continue to evolve rapidly, driven by AI, social engineering, and multi-channel strategies. Notably, BEC remains among the costliest attack types, with millions lost per incident. At the regional level, data shows the United States leading in documented activity, while, globally, trends point to the spread of increasingly sophisticated attack vectors across email, voice, and emerging platforms.
Despite growing awareness and improved defensive tools, recovery rates continue to lag behind attack volumes, thereby underscoring the need for stronger defenses and faster reporting. As a result, as cybercriminals continue to innovate, organizations must adapt their security posture and increasingly prioritize identity-centric protections to mitigate risk and limit financial impact.