Global Web3 fraud surged to $15.87 billion in 2025, sharply exceeding the roughly $2.5 billion lost to traditional hacks and protocol exploits during the same period.
New data shows the scale of fraud far outpaced high-profile breaches, signalling a structural shift in how crypto-related crime is carried out.
Unlike past years dominated by isolated incidents, losses in 2025 were dispersed across an estimated 4.29 million individual transactions.
Analysts said the fragmentation of losses helped fraudulent activity remain less visible to the public despite its growing financial impact.
The findings were detailed in a 2025 annual security report released by blockchain security firm Cyvers.
The report described the rise of “industrialised” crime networks operating across multiple platforms rather than relying on single-point exploits.
These networks use clusters of linked wallet addresses associated with the same scam operations to obscure fund flows.
Funds are frequently moved through chains of exchanges, payment service providers and fiat off-ramps to complicate tracing efforts.
Investigators noted that this cross-platform coordination mirrors methods used by traditional organised crime groups.
A major shift identified in 2025 was the sharp increase in authorised fraud rather than unauthorised account takeovers.
Pig butchering scams emerged as the most prevalent model, relying on long-term social engineering rather than technical vulnerabilities.
Victims are groomed over weeks or months to build trust before being persuaded to approve large transfers themselves.
Because transactions are authorised by users, they often bypass standard security alerts designed to detect compromised accounts.
Traditional fraud controls that focus on compromised accounts are often blind to these flows. Real-time behavioural analytics and entity-level risk scoring are required to catch these schemes before funds leave the platform.
The Cyvers report said.
The report warned that psychological manipulation has become as critical to fraud operations as technical infrastructure.
Fraudulent activity in 2025 was heavily concentrated in a small number of highly liquid digital assets.
Tether (CRYPTO:USDT) accounted for 37% of detected fraudulent value due to its widespread use and ease of conversion to fiat.
Ethereum (CRYPTO:ETH) followed closely, representing 36% of fraudulent flows tracked during the year.
USD Coin (CRYPTO:USDC) made up a further 25% of the total, underscoring the role of stable and blue-chip assets in fraud schemes.
Exposure was also concentrated at the platform level, with one unnamed global exchange linked to more than $2.3 billion in fraudulent flows.
Just three of the world’s ten largest exchanges handled nearly half of all fraud routed through centralised venues.
Analysts said this concentration increases systemic risk for large platforms with global user bases.
The report concluded that crypto fraud in 2025 now resembles a mature global enterprise rather than a series of isolated scams.
While pig butchering remains the dominant authorised fraud method, it relies on the same core infrastructure as other schemes.
Liquid stablecoins, major digital assets and large exchanges continue to serve as the backbone of large-scale crypto fraud operations.
At the time of reporting, Ethereum price was $95,264.20.