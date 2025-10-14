A crypto investor has lost over $209,000 worth of Wrapped Bitcoin (WBTC) and Threshold Bitcoin (tBTC) after unknowingly authorising fraudulent transactions, underscoring how phishing scams in the digital asset space continue to evolve despite increased security awareness.

According to blockchain security firm Scam Sniffer, the victim—whose wallet address begins with 0x4a and ends with a27f—was deceived into signing malicious “permit” and “increaseApproval” requests. These actions granted scammers unauthorised access to the user’s tokens, allowing the scammers to drain funds without initiating direct transactions. The fraudulent activity was traced to addresses beginning with 0x62, 0x72, and 0xaF1.

The phishing scheme exploited the convenience of token-approval functions that enable users to pre-authorise smart contracts for transactions. By mimicking legitimate prompts, attackers persuaded the victim to sign requests that appeared harmless. Scam Sniffer’s team urged users to verify all signature requests carefully and avoid rushing through any wallet interactions, even those that seem routine.

In its latest report for September 2025, Scam Sniffer revealed that crypto-related scams led to cumulative losses of $11.78 million that month. While the total amount stolen dropped slightly compared to August, the number of victims surged to 15,513. Most of these incidents stemmed from deceptive “permit” signatures. One individual reportedly lost $6.5 million in a single phishing episode after authorising several fake requests.

In response to the growing sophistication of such attacks, the Security Alliance (SEAL) has introduced a new defense mechanism known as the Verifiable Phishing Reporter. The tool allows cybersecurity professionals to view fraudulent websites as victims would, enabling them to identify and neutralise active scams more efficiently. It also uses verification protocols to ensure reports are authentic and to prevent fraudsters from manipulating or concealing malicious content.

The recent theft is a reminder of how quickly phishing tactics adapt to new technologies and user behavior. Similar cases have surfaced in the past, including massive schemes such as the $6 billion Bitcoin Ponzi operation led by Qian Zhimin, which defrauded thousands of Chinese investors. Authorities recovered around 61,000 Bitcoin worth approximately $7.4 billion, though tracing rightful ownership remains an ongoing challenge.

The latest incident serves as a cautionary tale for crypto users to remain alert, scrutinise every digital signature request, and leverage trusted security tools to safeguard their assets against increasingly sophisticated scams.