Blockchain security firm Chainalysis has unveiled the results of Operation Spincaster, an initiative designed to combat “approval phishing” scams, a type of attack that resulted in the loss of $2.7 billion in crypto since May 2021.
Chainalysis said Operation Spincaster was a global extension of an operation the firm first conducted with Canada’s Calgary police in March 2024.
The operation involved a series of “operational sprints” across six countries between April and June, involving 12 public sector agencies and 17 crypto exchanges. These sprints saw Chainalysis identify over seven thousand criminal-linked leads.
From these, Chainalysis was able to trace the flow of funds and use them to close criminal-linked accounts, seize funds, and build intelligence to better prevent future scams.
During one of the sprints, Chainalysis said participants were able to get in contact with a victim directly and warn them they were under threat. The would-be victim was able to revoke approvals and prevent the loss of over six figures worth of crypto.
Operation Spincaster worked through a “three-pronged” approach — increasing public awareness of how approval phishing scams work, providing crypto exchanges with proactive surveillance tools to trace suspicious wallets, and boosting law enforcement capabilities.
Chainalysis’ director of investigations, Phil Larratt, told Cointelegraph that exchanges and law enforcement teams had been using his firm’s crypto investigations tool to better protect users’ crypto assets.
“Exchanges, in particular, use Chainalysis to conduct thorough background checks on transactions, monitor for signs of illicit activity, and prevent fraud. This protects their customers’ assets and minimizes exposure to malicious actors,” he said.
An approval phishing scam can occur in a variety of ways, but the end goal is for fraudsters to trick their target into signing an “approval” message that allows them to steal the user’s crypto.
These can take the form of a convincing fake crypto app or sophisticated romance scams, in which a scammer spends time building trust with their victim before compelling them to grant them access to their crypto wallet.
Larratt added that reputable organizations and people usually don’t ask people to approve transactions.
He added the best ways to avoid phishing approval scams include being extra skeptical of urgent requests for money and always verifying the identity and claims of people who ask for details about crypto wallets.
“Trust your instincts. If it seems too good to be true, it probably is,” he added.
On July 11, Chainalysis noted the challenges faced by traditional law enforcement in dealing with sophisticated crypto-native money laundering, which has increasingly involved the use of stablecoins such as Tether (USDT).
In a bid to increase the regulatory transparency of its services, Tether brought on Chainalysis’ former chief economist Philip Gradwell as its new head of economics on July 15.
Crypto-Sec: $11M Bittensor phish, UwU Lend and Curve fake news, $22M Lykke hack