UK, US and Canadian law enforcement have frozen more than $12 million in suspected crypto scam proceeds in a coordinated action targeting “approval phishing” schemes that affected over 20,000 victims. The joint effort, called Operation Atlantic and led by the UK’s National Crime Agency (NCA), focused on scams that trick users into signing malicious on‑chain approvals that allow attackers to drain tokens directly from victims’ wallets. Authorities say infrastructure identified in the operation is linked to over $45 million in suspected fraud.
Operation Atlantic was co‑hosted with the U.S. Secret Service, Ontario Provincial Police and the Ontario Securities Commission, and ran as an intensive, week‑long initiative in March. Rather than only tracing funds after thefts, agencies worked to identify victims who had lost, or were at risk of losing, cryptocurrency through approval phishing and to secure assets before criminals could launder them. Chainalysis supported the operation, saying it targeted a fast‑growing threat and helped map more than $45 million in stolen crypto while securing and freezing over $12 million in suspected proceeds.
Private firms also contributed. Binance’s Special Investigations team provided on‑site support at the NCA’s London headquarters, offering live account screening, scam intelligence and identification of active scam websites, but Binance emphasized that no funds were frozen on its platform as part of the action. Binance described approval phishing as one of the most damaging scams targeting crypto users and said the operation demonstrates the effectiveness of coordinated public‑private action to stop fraud at the source.
NCA deputy director of investigations Miles Bonfield said the operation safeguarded thousands of victims in the UK and overseas, disrupted criminals, and helped prevent further losses. The operation underscores both the increasing sophistication of on‑chain fraud and the growing willingness of law enforcement and major exchanges to coordinate in near real time. It also highlights a practical warning for users: the most dangerous transaction is often the one you approve yourself.