Report finds that attacks targeting humans are now the most dangerous threat in Web3



A recent report by Kerberos, a Web3 security company, revealed that human behavior is now the main risk in Web3.

The BeInCrypto team spoke with the company’s CEO Alex Katz and CTO Danor Cohen to understand why users are still victims of attacks and what they can do to better protect themselves.

Human errors cause huge losses in Web3, Kerberos report reveals

In its latest report, “The Human Factor – Real-Time Protection is the Non-English Way in Web3 Security (2025)”, Kerberos revealed that attacks directed at humans are the most dangerous structural threat in Web3.

The report cited data showing that a significant portion of the industry’s losses stem from user errors. About 44% of cryptocurrency thefts in 2024 were the result of mismanagement of private keys. Other research has shown that human error is involved in about 60% of security breaches.

With 820 million active wallets in 2025, the threat landscape is expanding rapidly, and everyone remains at risk. Katz explained to BeInCrypto that malicious actors target both new and experienced users, but for very different reasons.

“New users are attractive because they don’t yet understand what the ‘normal’ behavior of Web3 is,” he added.

The CEO pointed out that experienced users have become more valuable targets than new users. According to him:

“Savvy users interact with a much greater number of decentralized applications, sign a greater number of transactions, and move greater amounts. This means that a single moment of inaction can cause much greater damage. So the most vulnerable group today is the one who assumes that they are not at risk.”

Cohen added that one of the biggest misconceptions in Web3 is the belief that security failures come from users who do not understand the technology. His analysis points in the opposite direction: people are hacked because the system puts an unrealistic burden on them.

“Users think, ‘I’m too smart to be robbed, I know how wallets work – I’m sure,’” said Cohen. “But the threat environment is changing faster than users. Attackers are not trying to steal your wallet; rather, they’re trying to outsmart you. And they’re very good at it. What people misunderstand is that Web3 puts a huge mental burden on the individual. Users don’t have to interpret technical signals to stay safe – security should work for them automatically,” he added.

Why the drain of Web3-savvy users will continue in 2025

These human risks will continue despite record spending on security in 2025. The Kerberos report stated that digital currency services and investors lost more than $3.1 billion to hacks and fraud in the first half of the year. This is already more than the total for 2024.

This number includes the historic Bybit hack. Excluding this, attacks against humans such as phishing and social engineering still account for $600 million. These attacks accounted for 37% of the remaining $1.64 billion in losses.

These attacks are growing as adoption grows and completely bypass technical defenses, the report said. This makes them difficult for traditional security models to prevent.

While companies invest significantly in auditing, monitoring and code reviews, attackers are increasingly exploiting users directly at the transaction level. But what makes humans so vulnerable to these attacks?

Cohen explained that people are vulnerable to hackers because every scam is designed to exploit natural psychological pathways, such as urgency, authority, familiarity, fear of loss, or routine comfort. These are not defects; they are the same instincts that allow us to function in everyday life. Technology alone cannot change human psychology, but it can catch the moment when psychology is weaponized.

He stressed that the strongest form of protection is not to rely on users to avoid errors through education alone, but to stop harmful actions in real time before the damage occurs.

“That’s why real-time detection is so important,” Cohen added. “If you can warn the user at the precise moment that their trust is being manipulated, you can stop most losses before they happen.”

The CEO said it was unrealistic to expect the average user to discriminate among malicious decentralized applications, airdrop offers, or tool pages. Often, modern fraudulent platforms look very similar to legitimate ones. This makes them almost indistinguishable.

He added that users could click on phishing links repeatedly. They do not do it out of negligence, but because the attacks are deliberately designed to deceive.

Even real-time warnings can sometimes appear as false positives, highlighting the advanced nature of these scams.

Cohen suggested that “users should not be expected to perform forensic checks. The onus should shift to tools that analyze intentions and behavior in real time.”

Additionally, the report states that these attacks exploit moments when users are least able to assess threats. This can happen when someone checks their wallet while they’re distracted at work, responds to an urgent message saying their account will be frozen, or approves a transaction at the end of a long day when they’re tired.

According to the findings, the industry’s response has largely focused on adding more warnings and verification steps. But this approach often backfires due to “security fatigue”. As users become accustomed to constant warnings—many of which are false alarms that simply slow them down—their ability to make careful decisions under constant pressure is reduced.

3 steps users can take to be more secure on Web3

Katz revealed three practices that users can adopt to reduce losses in the real world. Users are advised to:

  • Pause before signing: Most hacks happen in less than ten seconds. Taking a moment to read the alert or to make sure that the request corresponds to the intended action can prevent a large percentage of successful attacks.
  • Separate high-value assets from day-to-day activities: Using multiple wallets remains one of the most effective means of protection. He suggested that users keep their long-term holdings in a cold or low-use wallet and use a separate wallet for mining and decentralized applications. This separation limits potential damage.
  • Rely on real-time transaction protection: Because many threats are related to social engineering rather than technical exploits, users benefit from tools that interpret on-chain actions before they are completed. This single layer of defense prevents many advanced frauds.

He said the intention is not to turn users into security experts, but rather to build barriers that prevent mistakes from turning into financial losses.


