The security firm also revealed that wrench attacks are on the rise.
Crypto users lost about $370.3 million to exploits in January, according to data from security analytics firm CertiK.
CertiK said in a post on X that $311.3 million of the total was linked to phishing, with a single social engineering scam accounting for about $284 million. Phishing is a type of cybercrime in which attackers impersonate reputable entities (such as banks or employers) to deceive individuals into revealing sensitive information.
The firm said the single large incident targeted an individual user rather than exploiting a smart contract bug. This means that only about 16% of total losses were linked to non-phishing incidents, such as code flaws, price manipulation, or wallet compromises, according to CertiK’s breakdown.
The findings suggest that even as protocols improve their defenses against technical exploits, it can still be difficult to prevent losses tied to human behavior. Scams that rely on deception, trust, and errors in judgment continue to account for a large share of losses.
Physical Attacks Are Also Rising
CertiK also found a rise in physical attacks linked to crypto theft in its Skynet Wrench Attacks Report. The firm said so-called wrench attacks increased 75% in 2025, resulting in $40.9 million in confirmed losses, though it noted the figure is likely underreported.
These attacks involve using force or threats to gain access to crypto wallets or private keys. Kidnapping remained the most common method, while physical assaults rose 250% year over year. Europe accounted for more than 40% of reported cases, with France recording the highest number of attacks.
CertiK said the trend shows that physical violence is becoming a real risk for crypto holders, especially founders and people known to control large amounts of digital assets. The firm added that protecting crypto now requires thinking beyond software security to include personal safety.