UK-led Operation Atlantic has seized more than $12M in crypto scams related to “phishing,” identifying 20,000+ victims and $45M in alleged fraud.
Summary
- UK, US and Canadian agencies conducted Operation Atlantic, freezing more than $12 million in suspected crypto scam funds and identifying more than 20,000 victims.
- The breach is aimed at “authorization phishing,” where victims are tricked into signing malicious authorizations that allow fraudsters to empty wallets.
- Binance and other private companies have provided account monitoring and fraud intelligence support, although no funds have been frozen at Binance itself.
Police in the UK, US and Canada have frozen more than $12 million in suspected crypto-scam funds in a crackdown on “authorized phishing” schemes that have hit more than 20,000 victims. The joint effort, called Operation Atlantic and led by the UK’s National Crime Agency (NCA), focuses on tricking users into signing malicious permissions, allowing attackers to withdraw tokens directly from victims’ wallets. Authorities say the total fraud linked to the infrastructure identified exceeds $45 million.
According to the NCA, Operation Atlantic was hosted in partnership with the US Secret Service, Ontario Provincial Police and the Ontario Securities Commission, and ran as an intensive, week-long program in March. Instead of only tracking funds after the fact, agencies have worked to “target victims who have lost, or were at risk of losing, cryptocurrency through ‘phishing’,” to find assets before criminals can move them further into asset loss. Chainalysis, which supports the operation, described the approach as targeting “a rapidly growing threat: authorization of phishing that tricks victims into giving criminals permission to withdraw their wallets,” and noted that the effort “secured and froze more than $12 million in suspected criminal proceeds” while mapping more than $45 million in stolen crypto related to related criminal schemes.
Crypto scam funds found
Private sector firms have played an active role. Binance said its Special Investigations team provided support at the NCA’s London headquarters, including “live account audits and fraud intelligence” and the identification of active fraudulent websites, but stressed that “no fees have been imposed on Binance as part of this operation.” In a statement supporting the action, Binance called authorization phishing “one of the most damaging forms of fraud targeting crypto users today,” arguing that Operation Atlantic shows “how fighting crime can happen when private and public partners come together to stop fraud at the source.” NCA deputy director of investigations Miles Bonfield said the operation “has led to the protection of thousands of victims in the UK and overseas, stopped criminals and helped save others from losing their money,” adding that fraudsters “operate globally and, in partnership with our international partners, the NCA will target them wherever they are based.”
Although the figures found are small compared to the broader crypto market, the performance highlights both the strong growth of on-chain fraud and the increasing willingness of law enforcement and major exchanges to communicate in near real-time. It also emphasizes a practical lesson for users: the most dangerous transaction is often the one you authorize yourself.
