The Scam After the Scam
A Nanaimo resident who lost crypto at an ATM kiosk was targeted by a second fraud scheme while reporting the first one to police — scammers using fake RCMP branding contacted the victim offering recovery services, according to local authorities. The double-hit illustrates how crypto theft is evolving: fraudsters are building databases of victims from initial scams, then circling back with fake recovery services that extract even more money.
This isn't isolated. Federal prosecutors in Massachusetts just moved to forfeit $3.44 million in USDT tied to a text-based investment scam that tricked victims into sending Ethereum to fraudster-controlled wallets. Separately, investigators traced $61 million across multiple wallets in romance scam proceeds, using blockchain forensics and stablecoin freezes to follow the money. The DOJ's combined forfeiture actions now total over $64 million from just these two cases.
Attackers Shift Tactics as Protocols Harden
Crypto hacks fell to $49 million in February — down sharply from January's spike — but security firms say thieves are simply changing methods. Instead of exploiting smart contract vulnerabilities, attackers increasingly use wallet permission exploits and social engineering. Trust Wallet just launched real-time scam address screening across 32 EVM chains to combat "address poisoning," where scammers send dust transactions from lookalike addresses hoping users will copy-paste the wrong recipient.
Google threat researchers spotted something more sophisticated: fake crypto websites hosting a "new and powerful" iPhone exploit kit that can crack iOS devices and hunt for stored crypto. The shift toward social engineering and device-level attacks means wallet security alone isn't enough — users need to verify addresses character-by-character and treat unsolicited recovery offers as automatic red flags.
When the Thieves Are Inside the House
The fraud landscape gets messier when insiders are involved. John "Lick" Daghita, son of a U.S. government contractor, was arrested in Saint Martin after allegedly siphoning $46 million in crypto from seizure wallets managed by his father's company. "Last night, John Daghita – a U.S. government contractor who allegedly stole more than $46 million in cryptocurrency from the U.S Marshals Service – was arrested," FBI Director Kash Patel announced. Blockchain investigator ZachXBT publicly accused Daghita of the theft in January. "After the theft, Daghita taunted the feds on Telegram, asking his followers to send tips for his arrest," Polymarket noted.
Nevin Shetty, former CFO of a Seattle startup, just got two years in prison for secretly moving $35 million in company funds to his own DeFi platform — he lost nearly all of it in the Terra collapse. In India, authorities arrested a Darwin Labs co-founder in the GainBitcoin probe, which involves 8,000 investors and estimated losses of 6,606 crore rupees ($790 million). Even physical attacks are rising: fake police officers held a French couple at knifepoint and forced them to transfer $1 million in Bitcoin, part of a wave of "$5 wrench attacks" sweeping France.
What Traders Should Watch
The emerging pattern is clear: as protocols add security features and blockchains become more traceable, thieves target the weakest link — people. Brittany Kaiser, AlphaTON CEO and former Cambridge Analytica whistleblower, launched Vera Report on Telegram to reward fraud tipsters, shaped by her own whistleblowing experience. The platform aims to create financial incentives for exposing scams before they scale.
For prediction market traders, the question isn't whether crypto fraud will continue — it's which defense mechanisms will actually work. Wallet-level protections like Trust Wallet's address screening are table stakes. The real edge comes from tracking which recovery methods scammers exploit most: if victims systematically fall for fake recovery schemes after initial thefts, that's a systemic vulnerability worth pricing into any crypto adoption thesis. Watch regulatory forfeiture actions as a leading indicator — the $64 million seized in these two cases alone suggests law enforcement is getting better at following stablecoin trails, which could shift scammer behavior toward privacy coins or more sophisticated mixing.
