Phishers Get Hooked: Operation Atlantic Reels In $12M in Stolen Crypto

International authorities just pulled off the biggest crypto phishing bust since someone realized "send me all your money" probably shouldn't be a business model. Law enforcement from the UK, US, and Canada have seized over $12 million connected to cryptocurrency scams in a coordinated takedown appropriately named Operation Atlantic—because nothing says "we got you" like maritime-themed sting operations.

The joint phishing expedition—because apparently criminals and cops both love fishing metaphors—occurred in March and was orchestrated by the UK's National Crime Agency (NCA), the US Secret Service, the Ontario Provincial Police, and the Ontario Securities Commission. Turns out when you put three countries in a group chat, things actually get done.

The operation hooked more than 20,000 victims across the three countries, securing and freezing over $12 million in suspected criminal proceeds. Agencies also identified "more than $45 million stolen in cryptocurrency fraud schemes"—which, for those keeping score, is enough to buy a small island or several very expensive JPEGs.

"Operation Atlantic is a powerful example of what is possible when international agencies and private industry work side by side," said NCA Deputy Director of Investigations Miles Bonfield. He's not wrong. Apparently when you combine the bureaucratic precision of government agencies with the "move fast and break things" energy of crypto Twitter, you get actual results.

Major cryptocurrency exchange Binance came through with live account screening, scam intelligence, and research identifying scam websites still actively draining victims. The company's Special Investigations team even supported on-site investigations at the NCA's London headquarters—because nothing says "we take fraud seriously" like sending your best people to someone else's office.

No funds were frozen on Binance itself, because apparently these particular phishers had the audacity to keep their stolen crypto anywhere but the most surveilled platform in crypto. The audacity, honestly.

Approval phishing works by tricking users into signing malicious permissions that let attackers drain crypto wallets like a bartender who somehow has access to your bank account but only after you hand him the keys yourself. Unlike typical scams where victims send crypto directly—because apparently we still do that—approval phishing misleads victims into authorizing transactions that let scammers spend specific tokens. It's basically handing someone a blank check, except the blank check is your entire financial future.

"Approval phishing is one of the most damaging types of scams targeting crypto users today," said Flavio Tonon, Binance's senior regional advisor for the Europe, Middle East and Africa region. He noted that blockchain transparency makes it difficult for criminals to get away with phishing exploits—because unlike TradFi, crypto actually lets you watch your money disappear in real-time.