Trader loses $1M after signing phishing token approval

Summary

A crypto user lost nearly $1 million after signing a phishing token approval on Ethereum. Scam Sniffer said scammers first attempted to drain a rounded $1 million but failed because of insufficient funds, then quickly retried and pulled the exact remaining balance, totaling 999,999 USDT across three transactions. Phishing approvals are a common crypto scam tactic: victims are tricked into signing a seemingly harmless transaction that grants attackers access to drain funds. CertiK said phishing losses reached $723 million across 248 incidents in 2025, while Chainalysis said onchain scams pulled in at least $14 billion. Security firms advised users to carefully review signature requests, avoid rushed approvals, and use scam-detection tools. Address poisoning remains another active threat.