Lost your crypto? They say it's probably your own fault

Analysis of thousands of crypto-related crimes once again demonstrated that, for criminals, targeting human psychology can be far more successful than exploiting purely technical vulnerabilities.

AMLBot, a compliance solution provider for crypto companies, said that out of more than 2,500 analyzed real crypto crime investigations last year, up to 65% of cases were caused by successful social engineering attacks. For example, while centralized exchange breaches and protocol hacks are often perceived as technical incidents, they also often happen due to human-enabled entry points, including credential theft, insider manipulation, or social engineering of employees.

Moreover, the analysis also showed that crime categories mostly enabled by social engineering dominate in the ratings, with the top four most popular categories being investment scams, phishing, device compromise, and pig butchering.

However, the top four categories by losses are centralized exchange breaches (which are the result of a few large hacks), investment scams, impersonation, and phishing. Overall, only up to 30% of the analyzed cases involve companies or professional operators.

In investment scams, criminals try to trick potential victims by fabricating investment dashboards and staging withdrawals while extracting more funds from people, much as the so-called "pig butchering" scheme operates.

Impersonators also pose as exchanges, compliance teams, law enforcement, employers, or trusted counterparties. Chat and voice-based impersonation has grown in popularity, as have fake jobs and recruitment scams. Additionally, phishing is being used to compromise devices.

"While individual losses in these categories are often smaller than in investment scams, their frequency and scalability make them a persistent operational risk for both individuals and businesses," the analysts warned, adding that the so-called address poisoning can also cause substantial losses even if these attacks account for a relatively small share of total cases.

Meanwhile, when it comes to chances of recovering stolen funds, AMLBot noted a 75% freeze success rate in cases where stolen funds were still held on attacker-controlled wallets at the time the investigation began.

Therefore, the sooner the investigation begins, the better the chance of recovering funds, at least partially. According to the analysis, double-digit recovery rates were observed in categories such as device compromise, protocol exploits, OTC scams, and impersonation.