Operation Atlantic Targets Crypto Approval-Phishing Scams
Law enforcement agencies in the U.S., U.K., and Canada launched Operation Atlantic to disrupt cryptocurrency fraud schemes based on approval phishing, in which victims are tricked into authorizing malicious wallet permissions through fake alerts, pop-ups, or spoofed service messages. Once a victim approves access, attackers can drain assets from the wallet, and recovery is difficult because blockchain transactions are generally irreversible. Authorities said the campaign responds to a broader rise in crypto-enabled fraud, with Chainalysis estimating at least $14 billion in on-chain scam revenue in 2025 and warning the total could rise as more illicit wallets are identified.
The operation builds on earlier anti-fraud efforts including Project Atlas, which identified more than 2,000 compromised wallets across 14 countries, disrupted roughly $70 million in potential fraud, and froze about $24 million in stolen cryptocurrency. The same threat pattern is reflected in phishing lures impersonating platforms such as OpenSea, where fake offer alerts, account verification notices, and token airdrop messages attempt to push users into connecting wallets to malicious sites. Those examples illustrate the social-engineering tactics now commonly used in approval-phishing campaigns, alongside increasingly sophisticated content and phishing-as-a-service infrastructure.
Related Entities
Organizations
Sources
Related Stories
Chainalysis Reports Surge in Crypto Scams Driven by Impersonation and AI-Enabled Fraud
Chainalysis reported that **cryptocurrency scams and fraud generated an estimated $17B in victim losses in 2025**, making it the largest year on record in its tracking, with at least **$14B observed on-chain** and expectations that totals will rise as additional illicit addresses are identified. The report attributes the increase to the continued industrialization of scam operations and infrastructure, including *phishing-as-a-service*, AI-generated deepfakes, and professional money-laundering networks, alongside major scam categories such as **pig butchering/romance scams** and HYIP-style schemes. Chainalysis also assessed that scam efficiency increased materially, citing a **253% YoY rise in average scam payment** (from **$782 in 2024** to **$2,764 in 2025**) and noting that **AI-enabled scams** can be significantly more profitable than traditional approaches. A key driver highlighted was the rapid growth of **impersonation scams**, which Chainalysis said rose roughly **1,400% YoY**, with average payments to those clusters up more than **600%**. One example cited was an **E‑ZPass-themed smishing campaign** that used fake toll-payment texts and lookalike sites to deceive victims; Chainalysis linked this activity to the Chinese-speaking group **“Darcula” / “Smishing Triad,”** and referenced reporting and legal action describing tooling and templates used to scale these lures. Separately, reporting on **AI deepfake impersonation** shows similar social-engineering dynamics outside of “crypto-only” contexts, including deepfakes impersonating religious figures to solicit donations and promote fraudulent crypto-related offers, reinforcing the report’s broader finding that **AI-assisted impersonation** is increasing the reach and credibility of scams.
2 months agoSEC Enforcement Against Social Media Crypto Investment Scams
The U.S. Securities and Exchange Commission (SEC) has charged three purported crypto asset trading platforms—Morocoin Tech Corp., Berge Blockchain Technology Co. Ltd., and Cirkor Inc.—along with four investment clubs—AI Wealth Inc., Lane Wealth Inc., AI Investment Education Foundation Ltd., and Zenith Asset Tech Foundation—for orchestrating a fraudulent scheme that targeted retail investors through social media. According to the SEC, these entities misappropriated over $14 million by luring victims with advertisements and group chats that promised profits from AI-generated investment tips, ultimately convincing them to invest in fake crypto trading platforms where their funds were stolen. The operation used sophisticated tactics, including the use of automated trading bots to generate massive volumes of fake transactions, creating the illusion of legitimate trading activity. This enforcement action is part of a broader regulatory crackdown on crypto-related fraud, with the SEC imposing a record $4.98 billion in cryptocurrency penalties in 2024 alone. The case highlights the growing threat of social media-driven investment scams and the SEC's commitment to pursuing securities fraud that harms retail investors. The agency's complaint details how the fraudsters built trust in online group chats, posed as financial professionals, and systematically exploited individuals interested in cryptocurrency investments, underscoring the need for heightened vigilance among potential investors and continued regulatory oversight in the digital asset space.
2 months agoMajor International Law Enforcement Actions Against Cybercrime and Financial Fraud Networks
Law enforcement agencies across multiple countries have conducted significant operations targeting cybercriminal groups responsible for large-scale financial fraud, data breaches, and cryptocurrency theft. In Spain, police arrested a 19-year-old hacker accused of stealing and attempting to sell 64 million personal data records from nine companies, while Ukrainian authorities apprehended a separate data broker who used custom malware to compromise accounts and sell access on hacker forums. In California, a member of the so-called "Social Engineering Enterprise" pleaded guilty to laundering millions in cryptocurrency stolen through sophisticated social engineering attacks, with the group responsible for a $263 million heist and extravagant spending of the proceeds. Meanwhile, Russian police dismantled a gang that used NFCGate-based malware to steal millions from bank customers by tricking victims into installing fake banking apps and harvesting card credentials for remote theft. A major international operation led by Europol and Eurojust dismantled a €700 million cryptocurrency scam network in Europe that used deepfake videos and aggressive marketing to lure victims into fake investment schemes. The network operated numerous fraudulent platforms, laundered funds through complex channels, and was taken down in coordinated raids across several countries, resulting in arrests and the seizure of cash, cryptocurrencies, and luxury items. These actions highlight the growing sophistication of cyber-enabled financial crime and the increasing collaboration between law enforcement agencies to disrupt such operations on a global scale.
3 months ago