A recent report by Kerberus, a Web3 security firm, suggests that human behavior is now the primary risk in Web3.
BeInCrypto spoke with the firm’s CEO, Alex Katz, and CTO, Danor Cohen, to understand why users continue to fall victim to attacks and what they can do to better protect themselves.
Sponsored
Sponsored
Human Error Drives Major Web3 Losses, Kerberus Report Finds
In its latest report titled “The Human Factor – Real-Time Protection Is the Unsung Layer of Web3 Cybersecurity (2025),” Kerberus revealed that human-focused attacks were the most structurally dangerous vector in Web3.
The report cites data showing that a significant share of industry losses stems from user mistakes. Roughly 44% of crypto thefts in 2024 resulted from the mismanagement of private keys. Another research indicates that human error is involved in approximately 60% of security breaches.
With 820 million active wallets in 2025, the threat landscape is expanding quickly, and everyone remains at risk. Katz told BeInCrypto that bad actors are targeting both newcomers and experienced users, but for very different reasons.
Interestingly, the executive noted that long-time users are becoming increasingly higher-value targets compared to newcomers. According to him,
Cohen added that one of the biggest misconceptions in Web3 is the belief that security failures stem from users not understanding the technology. His analysis points in the opposite direction. People are getting hacked because the system places an unrealistic burden on them.
Sponsored
Sponsored
Why Even Smart Web3 Users Keep Getting Drained in 2025
These human-driven risk persists despite record spending on security in 2025. Kerberus’ report stated that crypto-related services and investors lost over $3.1 billion to hacks and scams in the first half of the year. This is already more than the total for all of 2024.
That number includes the historic Bybit breach. Excluding this, human-targeted attacks such as phishing and social engineering still accounted for $600 million. This represented 37% of the remaining $1.64 billion in losses.
The report noted that these attacks scale with growing adoption and bypass technical defenses entirely. This makes it difficult for traditional security models to prevent them.
While companies invest heavily in audits, monitoring, and code reviews, attackers increasingly exploit users directly at the transaction level. But what makes humans so vulnerable to these attacks?
Sponsored
Sponsored
He emphasized that the strongest form of protection isn’t relying on users to avoid mistakes through education alone, but rather stopping harmful actions in real-time before damage occurs.
The executive noted that it’s unrealistic to expect an everyday user to distinguish between a malicious dApp, an airdrop, or a mint page. Modern fraudulent platforms often closely mirror legitimate ones. This makes them nearly indistinguishable.
He added that users can click phishing links repeatedly. They don’t do so out of carelessness, but because the attacks are intentionally crafted to deceive.
Even real-time warnings can sometimes appear to be false positives, highlighting the advanced nature of these scams.
Sponsored
Sponsored
The report also states that these attacks exploit moments when users are least able to assess threats. It may happen when someone checks their wallet while distracted at work, reacts to an urgent message claiming their account will be frozen, or approves a transaction at the end of a long day when they’re exhausted.
According to the findings, the industry’s response has largely been to add more warnings and verification steps. But this approach often backfires due to “security fatigue.” As users become accustomed to constant alerts—many of which are false alarms that simply slow them down—their ability to make careful decisions diminishes under the continuous cognitive pressure.
3 Actions Users Can Take to Stay Safer in Web3
To reduce real-world losses, Katz disclosed three practices users can adopt. He advised users to:
- Pause before signing: Most compromises occur in under ten seconds. Taking even a brief moment to read the prompt or confirm whether the request aligns with the intended action can prevent a large share of successful attacks.
- Separate high-value assets from everyday activity: Using multiple wallets remains one of the most effective safeguards. He suggested that users should keep their long-term holdings in a cold or low-touch wallet and use a separate wallet for exploration, mints, and dApps. This compartmentalization limits potential damage.
- Rely on real-time transaction protection: Because many threats involve social engineering rather than technical exploits, users benefit from tools that interpret on-chain actions before they’re finalized. This single layer of defense blocks many of the more advanced scams.
The intention, he stressed, is not to turn users into security experts, but to build guardrails that prevent mistakes from turning into financial losses.
Source: https://beincrypto.com/web3-security-kerberus-human-error-risk/
