U.S., UK, Canada Start Operation Atlantic to Disrupt Crypto Approval-Phishing Scams

Approval‑phishing has become the most lucrative tactic in crypto fraud, exploiting the trust users place in familiar wallet interfaces. By mimicking legitimate pop‑ups, scammers obtain permission to move funds, a breach that is irreversible on blockchain ledgers. The $14 billion loss recorded in 2025 underscores how social‑engineering, amplified by AI‑generated content, can outpace traditional security measures, leaving investors vulnerable and regulators scrambling for solutions.

Operation Atlantic marks a significant escalation in cross‑border law‑enforcement collaboration. Leveraging the investigative framework of Project Atlas, agencies from the United States, United Kingdom and Canada are sharing intelligence, forensic tools, and real‑time alerts to intercept phishing attempts before funds are transferred. The joint operation also draws on insights from prior initiatives like Chainalysis’ Operation Spincaster, which produced thousands of leads and recovered millions, demonstrating the power of coordinated action against decentralized threats.

Looking ahead, the success of Operation Atlantic could reshape how the crypto ecosystem addresses fraud. Enhanced warning systems and rapid‑response protocols may become standard, prompting exchanges and wallet providers to integrate stronger permission controls and user‑education modules. Regulators may also consider mandating clearer disclosure of permission requests, while industry groups could develop shared blacklists of phishing‑as‑a‑service operators. If these measures gain traction, the market could see reduced illicit outflows and restored confidence among institutional and retail investors alike.