A coordinated international operation has frozen more than $12 million in suspected criminal proceeds and uncovered over $45 million in cryptocurrency fraud linked to a widespread “approval phishing” scam that impacted more than 20,000 people, the UK’s National Crime Agency (NCA) says.
What happened
- Operation Atlantic, carried out in March, brought together the NCA, the U.S. Secret Service, Ontario Provincial Police and the Ontario Securities Commission to target a network of approval-phishing schemes operating across the UK, U.S. and Canada.
- Authorities say victims ranged across all three countries; one UK victim reportedly lost more than £52,000.
How the scam works
- Approval phishing tricks users into signing a malicious wallet approval (a permission) rather than directly sending funds. Because the user appears to “authorize” the action, the transaction can be harder to spot as fraud. Scammers later use the approval to move assets out of the wallet.
- Binance has described this form of fraud as among the most damaging for crypto users.
Role of private firms and exchanges
- The operation used a public–private model: private firms helped identify victims in real time and trace suspicious transactions so law enforcement could act while funds were still traceable.
- Binance’s Special Investigations team was on site in London, supporting live account screening, sharing scam intelligence, and identifying active scam websites during the sweep. Binance said it aided investigations and tracing but that no funds were frozen on Binance accounts—indicating the seized proceeds were being held elsewhere when the operation occurred.
Next steps and warnings
- The NCA says it is continuing to analyse the intelligence gathered during the operation.
- Authorities also warned victims to beware of “recovery” scams—criminals who reappear under new guises promising to retrieve stolen crypto for a fee.
Why it matters
- The action highlights growing international cooperation between law enforcement and crypto firms to disrupt sophisticated social-engineering attacks that exploit wallet permission features. It also serves as a reminder for users to scrutinise any wallet approvals and to be cautious of unsolicited recovery offers.
Read more AI-generated news on: undefined/news
