Law enforcement agencies from the US, UK, and Canada have started a joint operation to tackle cryptocurrency fraud such as the unrelenting issue of phishing scams, particularly phishing attempts involving fraudulent wallet approvals, in the crypto sector.
Operation Atlantic is being spearheaded by the US Secret Service, the UK’s National Crime Agency, the Ontario Provincial Police, and the Ontario Securities Commission.
In the US Secret Service’s press release, officials said the initiative “aims to disrupt organized fraud schemes, assist victims on how to secure assets to prevent further loss, recover stolen funds and raise public awareness about cryptocurrency investment scams.”
Approval phishing
Approval phishing is a scam that lures victims into unknowingly granting full access to their cryptocurrency wallet. It often features an aspect of pig butchering, a scam that preys on people after the scammer develops trust with them, or because the scammer pretends to be a source they trust.
As the Secret Service’s press release notes: “Scammers will send a fake pop up or alert that appears to come from a trusted app or service, asking the victim to ‘approve’ access. Once a victim grants the request, criminals gain full control of that crypto wallet allowing them to transfer funds. Once money leaves the victim’s account, these transactions can’t be reversed, and funds are difficult to recover.”
These types of transactions don’t transfer funds immediately. Instead, the granting of access approval creates a smart contract approval that allows the scammer to spend the victim’s tokens, allowing them to drain the account later.
The collaboration
The press release notes that Operation Atlantic is meant to build on the success of Project Atlas, which was headed up by the Ontario Provincial Police and involved the assistance of the US Secret Service, “which targeted international cryptocurrency investment fraud networks.”
A few other agencies from the US, UK, and Canada are involved: The US Attorney’s Office for the District of Columbia, the UK’s Financial Conduct Authority and the Royal Canadian Mounted Police.
“Operation Atlantic is a strong example of the OSC’s commitment to working across borders to tackle the growing risks posed by scams,” said Bonnie Lysyk, Executive Vice President, Enforcement at the Ontario Securities Commission.
“Through our partnerships with the OPP, UK National Crime Agency, and US Secret Service we are using innovative techniques, advanced tools, and extensive expertise to disrupt bad actors and protect investors from the harm they seek to cause,” Lysyk added.
Trends and tips
Earlier this year, ScamSniffer reported that there was a drop in what it calls “wallet drainer phishing attacks” in 2025. Total losses came to $83.85m across 106,106 victims, which was down 83% and 68% respectively from 2024. But since losses often correlate with market cycles (when crypto markets are more active, more people are there to prey on), it remains a huge risk when markets heat up.
The third quarter of 2025 saw the most losses as there was significant market activity, and ethereum in particular rallied.
In the US, the FBI’s Internet Crime Complaint Center (IC3) and its Asset Recovery Team work with financial firms to freeze funds and track stolen crypto after it has been transferred to secondary wallets.
Since these phishing attempts are now a “thing,” there are legitimate tools out there to help you reverse token approvals (like Revoke.cash and Etherscan.io), and government agencies recommend using them.
The “wallet drainer” or approval type of scams aside, fraudulent email notifications are a huge concern more generally for regulators.
For their part, FINRA, the SEC and the Financial Crimes Enforcement Network (FinCEN) have reported trends and issued investor alerts to warn about fraudsters sending out emails that look like they are coming from one of those agencies (so, a trusted source) asking for information or attachments to be opened.