2 February 2026
The start of this year brought a hard reminder: people remain the weakest link. Reports note that roughly $370 million in crypto were taken in January, a sharp climb from earlier months.
That surge was driven mostly by one massive social-engineering con that emptied a single victim of about $284 million. Simple lies and well-crafted messages beat code this time.
Phishing Dominates Losses
According to CertiK, phishing-style scams grabbed about $311 million of the January haul. That means most losses came from attackers tricking users and insiders rather than breaking cryptographic systems.
Social pressure, fake links, and impersonation were used to push victims into moving funds. People clicked. Money moved. Accounts were drained.
A Bigger Picture Of Monthly Swings
Based on reports, January’s total is nearly four times the $98 million stolen in January 2025 and more than triple December’s close to $118 million.
The month is the largest since February 2025, when roughly $1.5 billion was taken, most of that tied to the huge Bybit heist.
Those big events show how a single breach or scam can tilt an entire month’s tally. Numbers can look calm one month and explosive the next. That unpredictability keeps wallets and treasuries on edge.
Combining all the incidents in January we’ve confirmed ~$370.3M lost to exploits.
~$311.3M of the total is attributed to phishing with one victim losing ~$284M due to a social engineering scam.
More details below
pic.twitter.com/uXhi0P6dl5
— CertiK Alert (@CertiKAlert) January 31, 2026
Major Technical Exploits Hit Treasuries
PeckShield flagged several large protocol attacks. Step Finance lost nearly $29 million after treasury wallets were compromised and over 261,000 SOL vanished.
Truebit suffered a $26.4 million hit when a smart contract flaw allowed near-free minting, which also crushed its token price.
SwapNet and Saga were among other victims, with losses around $13.3 million and $7 million respectively. Those hacks were technical, aggressive, and fast.
#PeckShieldAlert In Jan. 2026, the crypto space saw 16 hacks totaling $86.01M in losses, representing a slight 1.42% YoY decrease compared to Jan. 2025 ($87.25M) but a notable 13.25% MoM surge from Dec. 2025 ($75.95M).
Meanwhile, #phishing remains staggering with losses… pic.twitter.com/pxugbsPcZ7
— PeckShieldAlert (@PeckShieldAlert) February 1, 2026
Why This Matters Now
Reports say there were 40 exploit and scam incidents over January, though the bulk of value lost was concentrated in a few cases.
That pattern means the raw count of incidents doesn’t tell the whole story; a single, well-executed con can dwarf many smaller breaches combined. Some months will show many small thefts. Other months will be defined by one enormous fraud.
What Needs To Change
Security teams and project treasuries must tighten both human and technical safeguards. More rigorous wallet controls, staged approvals, and stronger identity checks would blunt social-engineering strikes.
At the same time, independent code audits and quicker response plans can limit damage from smart contract bugs. Education programs for staff and users are cheap compared with the cost of a single large loss.
The recent spike is a clear message: attackers are mixing social skill with technical know-how. The playbook now often starts with a message in a chat app or an email, then turns into code-level theft.
Patching software helps. Teaching people how to spot scams will stop many attacks before they ever reach the code.
Featured image from Shutterstock, chart from TradingView