Two-thirds of cryptocurrency incidents investigated by AMLBot in 2025 were attributed to social engineering, according to a recent internal casework report. The analysis, covering approximately 2,500 investigations, indicates that 65% of reviewed incidents involved human error and access failures rather than vulnerabilities in blockchain technology or smart contracts.
Primary attack vectors include device compromises through chat scams, impersonation schemes, and various forms of investment and phishing scams that rely on social manipulation. These attacks bypass technical safeguards by targeting individuals directly, highlighting that protocol-level security alone is insufficient.
Investment scams constituted the largest segment of cases at 25%, followed by phishing at 18% and device compromises at 13%. Pig butchering scams, over-the-counter fraud, and chat-based impersonation each accounted for 7-8% of incidents.
Impersonation attacks alone were linked to at least $9 million in stolen digital assets over a three-month period. AMLBot CEO Slava Demchuk stated that attackers continuously exploit victims by posing as trusted entities like exchange support or project representatives. He urged users to guard private keys and recovery phrases and to be wary of urgent requests involving fund transfers or wallet access, as these are common entry points for social engineering scams.