Operation Atlantic Gives Phishing Scammers a Serious Case of the Chills, Freezes $12M

Approval phishing scammers just discovered that crime doesn't pay — especially when three countries are simultaneously side-eyeing your wallet drainer. Oops.

Operation Atlantic, a joint effort by the US, UK, and Canada, successfully froze more than $12 million in suspected criminal proceeds tied to crypto approval phishing schemes. The operation identified over 20,000 victims across the three countries and uncovered more than $45 million stolen in cryptocurrency fraud, according to the UK's National Crime Agency. That's a lot of people learning the hard way that "sign here" can mean "goodbye forever" to your life savings.

Coordinated by the NCA alongside the US Secret Service, Ontario Provincial Police, and Ontario Securities Commission, the sting operation took place in March and involved critical assistance from Binance's Special Investigations team. Think of it as the Avengers, but instead of Thanos, the villain is some guy running a clipboard phishing operation from his mom's basement.

Approval phishing operates differently from your standard crypto scam. Instead of tricking victims into sending funds directly, these schemes manipulate users into signing malicious permissions that grant scammers access to drain wallets silently. It's like giving a stranger a key to your house, except the stranger is a smart contract and your house is your life savings. The scammer just waits. And watches. And drains. Elegant in its cruelty, really.

"Approval phishing is one of the most damaging types of scams targeting crypto users today," said Flavio Tonon, Binance's senior regional advisor for Europe, Middle East and Africa. He noted that blockchain transparency makes it increasingly difficult for criminals to operate undetected, especially when private companies and public agencies work hand-in-hand. The blockchain doesn't forget, and neither do international task forces with too much time and access to chain analysis tools.

The operation included on-site investigations at the NCA's London headquarters, where Binance provided live account screening, scam intelligence, and research identifying fraudulent websites still actively operating during the sting. Picture federal agents and exchange investigators crowded around monitors, watching scammers in real-time like nature documentary filmmakers — except the wildlife is rug-pullers and the habitat is the blockchain.

NCA Deputy Director of Investigations Miles Bonfield called the operation "a powerful example of what is possible when international agencies and private industry work side by side." Translation: we found your wallet drainer, we froze your money, and we did it with style.

No funds were frozen on Binance accounts as part of the operation. The centralized exchange got to play the hero without getting scorched. Everyone wins except the scammers, who are now $12 million lighter and likely updating their LinkedIn profiles.