International task force stops approval phishing scheme targeting crypto wallets
This week, a joint operation by the U.S. Secret Service and multiple Canadian law enforcement agencies successfully dismantled a cryptocurrency phishing operation responsible for stealing approximately $4.3 million worth of Ethereum from unsuspecting users across North America.
The scam exploited a tactic known as “approval phishing,” where users unknowingly grant access to their digital wallets by interacting with malicious smart contracts. Once access is approved, scammers can drain tokens without needing further authorization.
Operation Highlights
Agencies Involved:
• U.S. Secret Service
• British Columbia Securities Commission (BCSC)
• Ontario Securities Commission (OSC)
• Alberta Securities Commission
• Autorité des marchés financiers (AMF)
• Royal Canadian Mounted Police (RCMP)
• Vancouver and Delta Police Departments
Investigators worked closely with blockchain analytics firms and trading platforms to identify fraudulent wallet connections. Nearly 100 Canadians were alerted to unauthorized approvals on their Ethereum wallets and instructed on how to revoke access, helping prevent further loss.
What Is Approval Phishing?
Unlike traditional phishing attacks, approval phishing does not require users to surrender passwords or seed phrases. Instead, it involves tricking users into signing smart contract transactions that authorize scammers to move assets freely from their wallets.
This method is commonly linked with long-term manipulation schemes such as romance scams and pig butchering, where fraudsters gain victims’ trust before initiating financial exploitation.
Protecting Yourself in Web3
According to Special Agent Matt McCool of the U.S. Secret Service, “This operation highlights the need for continued public education and coordinated enforcement in protecting digital asset holders.”
To reduce exposure to similar attacks, experts recommend:
• Regularly reviewing wallet permissions
• Avoiding links and DApps from unknown sources
• Using trusted platforms and wallet managers
• Staying informed about emerging scams and phishing trends
For security resources and wallet safety tips, visit secretservice.gov.
Final Thoughts
As the crypto market matures, scams continue to evolve in sophistication. However, operations like this show how regulatory bodies are adapting to meet the challenge. Education, vigilance, and international cooperation are critical to safeguarding the future of digital finance.
