In AMLBot’s own investigations last year, the most prevalent attack vectors targeting crypto investors were social engineering and impersonation-related schemes.
According to research based on the business’s own casework, over two-thirds of the crypto events that blockchain analytics startup AMLBot looked at in 2025 were caused by social engineering rather than technological exploits.
AMLBot found that 65% of the cases it studied last year were due to issues like hacked devices, poor verification, and slow detection, instead of problems with blockchains or smart contracts.
A Wednesday report indicated that the company’s study is based on roughly 2,500 internal investigations and should not be used as a measure of crypto crime across the board.
The main ways that attackers got into devices were through chat scams, impersonation scams, and other investment and phishing scams that used social manipulation.
Social engineering tactics that don’t require hacking codes are called cryptophishing attacks. Instead, attackers send fake links to steal important information from their victims, such the private keys to their crypto wallets.
Investment and phishing fraud lead attack categories
The results imply that making protocols more secure may not be enough to keep users safe if scammers can get around protections by going after people directly.
Scams involving investments and phishing are the most common types of fraud.
The most common types of attacks were investment frauds (25%), phishing attacks (18%), and device hacks (13%).
Pig slaughtering scams made up 8% of all attacks, over-the-counter (OTC) fraud made up 8%, and chat-based impersonation made up 7%. Together, these three types of attacks were the second most common.
Impersonation linked to recent $9 million in losses
AMLBot discovered that impersonation attacks accounted for at least $9 million in stolen digital assets over the past three months.
Impersonation is the most harmful way for social engineering frauds to work. He said, “Attackers keep using and tricking victims in a cruel game of charades, pretending to be trusted people.” “Sometimes they are support teams for exchanges, investment partners, project managers, or salespeople.”
Demchuk told users not to give their private keys or recovery phrases and to be careful of urgent requests for money transfers or wallet access, which he claimed are frequent ways for social engineering scams to get in.
Demchuk told crypto investors not to divulge their private keys and recovery phrases to keep themselves safe from impersonation attempts.
He also told investors to reject “urgent requests involving fund transfers of wallet access,” which are frequently the first sign of social engineering frauds.
CertiK says that crypto losses went up in January.
According to CertiK, a crypto security company, crypto scams rose in January, with scammers stealing $370 million, the most in 11 months. Phishing scams accounted for $311 million of the total, and a particularly harmful social engineering scam cost one victim about $284 million.