Human-Targeted Attacks Are Now Web3’s Most Dangerous Threat, Report Finds

Markets 2025-11-21 09:41

A recent report by Kerberus, a Web3 security firm, suggests that human behavior is now the primary risk in Web3.

BeInCrypto spoke with the firm’s CEO, Alex Katz, and CTO, Danor Cohen, to understand why users continue to fall victim to attacks and what they can do to better protect themselves.

Human Error Drives Major Web3 Losses, Kerberus Report Finds 

In its latest report titled “The Human Factor – Real-Time Protection Is the Unsung Layer of Web3 Cybersecurity (2025),” Kerberus revealed that human-focused attacks were the most structurally dangerous vector in Web3.

The report cites data showing that a significant share of industry losses stems from user mistakes. Roughly 44% of crypto thefts in 2024 resulted from the mismanagement of private keys. Another research indicates that human error is involved in approximately 60% of security breaches.

With 820 million active wallets in 2025, the threat landscape is expanding quickly, and everyone remains at risk. Katz told BeInCrypto that bad actors are targeting both newcomers and experienced users, but for very different reasons.

“New users are attractive because they don’t yet understand what ‘normal’ Web3 behavior looks like,” he said

Interestingly, the executive noted that long-time users are becoming increasingly higher-value targets compared to newcomers. According to him, 

“Veteran users interact with far more dApps, sign more transactions, and move larger amounts. That means a single moment of complacency can do far more damage. So the group most at risk today is anyone who assumes they’re not at risk.” 

Cohen added that one of the biggest misconceptions in Web3 is the belief that security failures stem from users not understanding the technology. His analysis points in the opposite direction. People are getting hacked because the system places an unrealistic burden on them.

“Users think, ‘I’m too smart to get drained, I know how wallets work – I’m safe.’ But the threat landscape changes faster than users do. Attackers aren’t trying to outsmart your wallet; they’re trying to outsmart you. And they’re extremely good at it.  What people misunderstand is that Web3 puts an enormous cognitive burden on the individual. Users shouldn’t have to decipher technical signals to stay safe – security must work for them automatically,” he mentioned.

Why Even Smart Web3 Users Keep Getting Drained in 2025

These human-driven risk persists despite record spending on security in 2025. Kerberus’ report stated that crypto-related services and investors lost over $3.1 billion to hacks and scams in the first half of the year. This is already more than the total for all of 2024. 

That number includes the historic Bybit breach. Excluding this, human-targeted attacks such as phishing and social engineering still accounted for $600 million. This represented 37% of the remaining $1.64 billion in losses.

The report noted that these attacks scale with growing adoption and bypass technical defenses entirely. This makes it difficult for traditional security models to prevent them.

While companies invest heavily in audits, monitoring, and code reviews, attackers increasingly exploit users directly at the transaction level. But what makes humans so vulnerable to these attacks?

“Humans are vulnerable because every scam is designed to exploit natural psychological shortcuts — urgency, authority, familiarity, fear of missing out, or comfort with routine. These are not flaws; they’re the same instincts that allow us to function in everyday life. Technology alone can’t change human psychology, but it can catch the moment when psychology is being weaponized,” Cohen detailed. 

He emphasized that the strongest form of protection isn’t relying on users to avoid mistakes through education alone, but rather stopping harmful actions in real-time before damage occurs. 

“That’s why real-time detection matters so much. If you can warn a user at the exact moment their trust is being manipulated, you can stop most losses before they occur,” Cohen added.

The executive noted that it’s unrealistic to expect an everyday user to distinguish between a malicious dApp, an airdrop, or a mint page. Modern fraudulent platforms often closely mirror legitimate ones. This makes them nearly indistinguishable.

He added that users can click phishing links repeatedly. They don’t do so out of carelessness, but because the attacks are intentionally crafted to deceive.

Even real-time warnings can sometimes appear to be false positives, highlighting the advanced nature of these scams.

“Users shouldn’t be expected to perform forensic checks. The burden has to shift to tools that analyze intent and behavior in real time,” Cohen suggested.

The report also states that these attacks exploit moments when users are least able to assess threats. It may happen when someone checks their wallet while distracted at work, reacts to an urgent message claiming their account will be frozen, or approves a transaction at the end of a long day when they’re exhausted.

According to the findings, the industry’s response has largely been to add more warnings and verification steps. But this approach often backfires due to “security fatigue.” As users become accustomed to constant alerts—many of which are false alarms that simply slow them down—their ability to make careful decisions diminishes under the continuous cognitive pressure.

3 Actions Users Can Take to Stay Safer in Web3

To reduce real-world losses, Katz disclosed three practices users can adopt. He advised users to:

  • Pause before signing: Most compromises occur in under ten seconds. Taking even a brief moment to read the prompt or confirm whether the request aligns with the intended action can prevent a large share of successful attacks.

  • Separate high-value assets from everyday activity: Using multiple wallets remains one of the most effective safeguards. He suggested that users should keep their long-term holdings in a cold or low-touch wallet and use a separate wallet for exploration, mints, and dApps. This compartmentalization limits potential damage.

  • Rely on real-time transaction protection: Because many threats involve social engineering rather than technical exploits, users benefit from tools that interpret on-chain actions before they’re finalized. This single layer of defense blocks many of the more advanced scams.

The intention, he stressed, is not to turn users into security experts, but to build guardrails that prevent mistakes from turning into financial losses.

Share to:

This content is for informational purposes only and does not constitute investment advice.

solana web ChainCatcher Web3
Recommended Reading
2025-11-21 09:41
Human-Targeted Attacks Are Now Web3’s Most Dangerous Threat, Report Finds
2025-11-21 09:41
ED uncovers ₹285 crore fraud using fake apps, multilayered bank accounts, and crypto routes
2025-11-21 09:41
Polymarket and Kalshi are expanding into web3 and sports betting, backed by major players like ICE and Trump Media
2025-11-21 09:40
Best Crypto to Buy Now? Mutuum Finance (MUTM) Rockets Toward $19M Raised as Phase 6 Hits 90% Sold Out with 18,200 Investors
2025-11-21 09:40
XRP Price Prediction: Can $2.12 Hold or Will the Breakdown Accelerate?
2025-11-21 09:39
Best Crypto to Buy Now: BZIL Jumps Ahead of TRX and BNB

Popular Articles

Curated Series

SuperEx Popular Science Articles Column

SuperEx Popular Science Articles Column

This collection features informative articles about SuperEx, aiming to simplify complex cryptocurrency concepts for a wider audience. It covers the basics of trading, blockchain technology, and the features of the SuperEx platform. Through easy-to-understand content, it helps users navigate the world of digital assets with confidence and clarity.
Unstaked related news and market dynamics research

Unstaked related news and market dynamics research

Unstaked (UNSD) is a blockchain platform integrating AI agents for automated community engagement and social media interactions. Its native token supports governance, staking, and ecosystem features. This special feature explores Unstaked’s market updates, token dynamics, and platform development.
XRP News and Research

XRP News and Research

This series focuses on XRP, covering the latest news, market dynamics, and in-depth research. Featured analysis includes price trends, regulatory developments, and ecosystem growth, providing a clear overview of XRP's position and potential in the cryptocurrency market.
How do beginners trade options?How does option trading work?

How do beginners trade options?How does option trading work?

This special feature introduces the fundamentals of options trading for beginners, explaining how options work, their main types, and the mechanics behind trading them. It also explores key strategies, potential risks, and practical tips, helping readers build a clear foundation to approach the options market with confidence.

What are the risks of investing in cryptocurrency?

What are the risks of investing in cryptocurrency?

This special feature covers the risks of investing in cryptocurrency, explaining common challenges such as market volatility, security vulnerabilities, regulatory uncertainties, and potential scams. It also provides analysis of risk management strategies and mitigation techniques, helping readers gain a clear understanding of how to navigate the crypto market safely.