PhishingHook: Catching Ethereum Scams Before They Strike

Created in July 29, 2025

2025   ·   ethereum   blockchain   phishing   security   machine-learning   ·   research

PhishingHook Header
Header generated with GenAI

Have you ever worried about clicking on a fake website or connecting your crypto wallet to a scam project? You’re not alone. Ethereum, one of the biggest blockchains, is a hotspot for these kinds of frauds, especially a sneaky type called phishing.

Phishing isn’t just fake emails anymore. In the crypto world, it includes malicious smart contracts: code that looks harmless but secretly steals your money once you approve a transaction!

In our latest research paper, PhishingHook: Catching Phishing Ethereum Smart Contracts Leveraging EVM Opcodes, we introduce a new, powerful tool that helps catch these scams early, before anyone interacts with them.

What’s New Here?

PhishingHook is the first open-source framework that uses machine learning to detect phishing in Ethereum smart contracts by analyzing their bytecode (the low-level code computers understand).

Unlike previous tools that look at users’ transaction history, which may expose sensitive info, we focus on the contract’s actual code. This means no personal data is needed, and the detection happens before any damage is done.

How Does PhishingHook Work?

We built PhishingHook to do four main things:

  1. Collect and Label Contracts: We use public Ethereum data and flag known phishing contracts from Etherscan.
  2. Extract the Code: For each contract, we pull out the underlying bytecode (the raw machine instructions).
  3. Analyze with AI Models: We feed that code into 16 different machine learning models to see which can spot phishing best.
  4. Compare the Results: We evaluate performance (accuracy, scalability) and even how the models hold up over time.

What Did We Discover?

  • It works! Our system can spot phishing scams with about 90% accuracy by just looking at the contract’s raw code, without needing to analyze user activity or transactions.
  • Simple models win: Surprisingly, classic models like Random Forests outperformed fancy ones like GPT-2 or Vision Transformers for this task.
  • Scales with data: Bigger models get better if you feed them more contract data, but they also take more time and power to run.
  • Time-proof: Our models kept performing well months after being trained, even as phishing scams evolved.

Why Does This Matter?

Phishing scams on Ethereum cause real financial losses, sometimes in seconds. PhishingHook gives wallets, dApps, and security firms a way to screen smart contracts instantly, helping users stay safe before signing anything.

Also, we released the largest-ever dataset of phishing smart contracts to help other researchers and developers improve detection tools.

Who’s This For?

If you:

  • Build blockchain wallets or dApps on Ethereum
  • Work in crypto security or compliance
  • Just want to protect your users

Then PhishingHook can help you block phishing contracts before they strike.

Want to Try It?

Our dataset, models, and code are all open-source and available to the community. Head to the paper to learn more!



Enjoy Reading This Article?

Here are some more articles you might like to read next:

  • Can we predict the unpredictable? Forecasting cryptocoin trading prices with Machine Learning techniques - LexTech Institute