US officials are working to return $7 million to victims of a widespread cryptocurrency scam that used fake investment websites to steal funds through social engineering tactics. The scheme was revealed in a March 21 statement from the US Attorney’s Office for the Eastern District of Virginia.
According to the statement, scammers contacted victims directly, built trust over time, and then directed them to fraudulent websites posing as legitimate crypto investment platforms. These platforms falsely displayed profits to convince victims their investments were performing well.
Once money was deposited, it was funneled through more than 75 domestic bank accounts controlled by shell companies, then moved overseas. Authorities say the international transfers were disguised as domestic wire transactions to avoid detection.
Victims were misled into believing their investments were growing, but when they tried to withdraw funds, scammers demanded additional payments. Tactics included claims that taxes or fees needed to be paid before accessing their money, further deepening the victims’ losses.
In 2023, the US Secret Service traced and seized a portion of the stolen funds from a foreign bank. A legal battle followed, with the bank also laying claim to the seized funds. However, a settlement was eventually reached, allowing $7 million to be returned to victims. The Secret Service is now inviting affected individuals to file claims to recover their losses.
This case highlights the growing sophistication of crypto-related crimes. According to Chainalysis’ 2025 Crypto Crime Report, the landscape has shifted toward well-organized cybercrime syndicates using advanced techniques.
International warnings about similar scams have also surfaced. On the same day as the US announcement, Australian federal police reported a scam targeting over 130 individuals using fake messages that mimicked legitimate exchanges like Binance. Earlier in March, scams impersonating Coinbase and Gemini attempted to trick users into creating wallets with pre-set recovery phrases controlled by fraudsters.
Cybersecurity firm Malwarebytes also issued an alert on March 18 about malware disguised within pirated versions of TradingView Premium software, designed to steal crypto from unsuspecting users.
Authorities continue to urge the public to stay vigilant and thoroughly verify platforms before investing in cryptocurrency.
