Scams

According to Chainalysis, crypto theft totaled at least $14 billion in 2025, surpassing $12 billion in 2024. AI-enabled operations earned over $3.2 million per scheme, with daily income of $4,838 versus $518 without AI. In July and December 2025, separate reports and charges highlighted deepfake tactics and a $16 million case involving Coinbase users.

In 2025, crypto saw fewer rug pulls but larger losses. Major collapses included Mantra's OM, which plunged over 90% in April as roughly $6 billion evaporated, plus Pi Network's post-mainnet dump and the MetaYield Farm disappearance. Overall theft reached $3.4 billion, with February's $1.5 billion Bybit hack and politically themed memecoins inflicting heavy damage.

On January 14, 2026, XRPL developer and Xaman founder Wietse Wind warned XRP users of a broad scam campaign involving fake accounts, impersonated support and fraudulent websites. He stressed there are no giveaways and urged reliance on in‑app support. RippleX says Permissioned Domains is nearing activation, and rippled v3.0 fixes entered a two‑week window.

Betterment said attackers used a social engineering scheme on January 9 to access its systems and obtain customer names, emails, addresses, phone numbers, and birth dates. The firm said accounts and passwords were not compromised, is working with a cybersecurity provider, and warned users about fraudulent messages urging $10,000 crypto transfers.

On January 12 2026, cybersecurity researchers detailed how Chinese-speaking criminal syndicates have spent nearly a decade building pig-butchering romance scams into a commoditized, service-based industry across Southeast Asia. The report describes large compounds of forced labor, plug-and-play PBaaS toolkits, fake trading platforms, phishing apps and crimeware services like Penguin that sell stolen identities and social media accounts. These infrastructures collectively support industrial-scale online fraud and global money laundering operations.

Betterment said an unauthorized party accessed a third‑party marketing system, leading to bogus push alerts and emails that promoted a "crypto giveaway." The messages promised to triple deposits and instructed users to send between $1 and $750,000 in Bitcoin or Ether within three hours. At the time of writing, the listed wallets held 0.14626084 BTC and $1,779.30 in ETH.

According to TRM Labs' 2026 Crypto Crime Report, illicit crypto inflows reached $158 billion in 2025, a 145% rise from $64.5 billion in 2024. The share of illicit activity fell to 1.5% of on-chain volume and 2.7% of VASP inflows, while Russia-linked A757 and A7 saw $72 billion and $39 billion respectively.

On January 9, 2026, WazirX confirmed Recovery Tokens were credited to eligible users as part of its court-approved restructuring following the 2024 hack. The pro rata RTs are non-tradable and may enable reclaiming roughly 75–80% of locked funds over time, subject to three-month recovery reviews and a $10 million buyback threshold.

Americans have lost more than $333 million to scams conducted through crypto ATMs, with $240 million disappearing in the first half of 2025. In response, cities like Spokane and Stillwater have passed local bans, while several other states and municipalities are weighing restrictions or tighter oversight. Industry participants and legal experts argue the machines expose deeper gaps in banking access, even as authorities focus on their role in fast, irreversible fraud.

On January 10, 2026, BlockSec's Phalcon flagged suspicious transactions against Arbitrum's Futureswap and estimated losses of around $395,000 after a suspected exploit that drained USDC via repeated changePosition calls. BlockSec said it tried to contact the team without success and noted the closed-source contract leaves the root cause under investigation.