Crypto Lost $17 Billion to Fraud in 2025 and the Scams Are Getting Smarter

The Chainalysis 2026 Crypto Crime Report, released in January, puts a precise figure on the scale of cryptocurrency fraud throughout 2025. Scams and fraud collectively drained $17 billion from victims globally over the course of the year.

For context, that figure surpasses the GDP of several small nations. It represents real people, retail investors, retirees, first-time crypto users, who trusted the wrong voice, clicked the wrong link, or simply didn’t see it coming.

What makes the report particularly striking is not the total. It’s what drove the growth.

AI Turned Fraud Into an Industry

Impersonation scams grew 1,400% year-over-year in 2025. That number is not a typo. The engine behind that growth, according to Chainalysis, is artificial intelligence, specifically deepfake video, voice cloning, and AI-generated personas that make fraudulent communications nearly indistinguishable from legitimate ones.

Scam operations deploying AI tools were found to be 4.5 times more profitable than traditional methods, extracting an average of $3.2 million per operation. The economics have fundamentally shifted. Running a convincing fraud campaign used to require significant human labor, trained operators, scripted calls, time-intensive relationship building. AI compresses that cost dramatically while simultaneously making the deception more believable.

The organizational structure behind these operations has also matured. Many of the largest schemes are now linked to organized crime networks operating forced labor compounds in Cambodia and Myanmar, industrialized fraud at a scale that more closely resembles a corporate enterprise than a criminal ring. The human cost extends well beyond the victims losing money.

Security researchers note a meaningful shift in where attackers are focusing their energy. On-chain protocol code has become harder to exploit as auditing standards improve. The attack surface has migrated toward human vulnerability, social engineering, credential theft, operational failures inside organizations. The weakest point in the system is no longer the smart contract. It’s the person on the other end of the screen.

Bybit’s Response and What It Blocked

For Bybit, 2025 was a year of rebuilding credibility after a devastating start. The exchange suffered a $1.5 billion hack in February 2025, attributed to North Korea’s Lazarus Group, a breach that at the time stood as the largest in crypto history. The pressure to demonstrate structural security improvements was considerable.

The response came in the form of a three-tier AI-driven risk framework rolled out across 2025. By Q4, the results were measurable. Of $500 million in suspicious withdrawals flagged by the system, $300 million was successfully intercepted and recovered, protecting approximately 4,000 users from losses the exchange describes as life savings.

The framework operates in layers. The first tier uses big-data heuristics to identify unusual behavioral patterns and blacklist high-risk destination addresses before a transaction is initiated. The second triggers real-time alerts when accounts appear in credential stuffing databases or attempt to send funds to flagged addresses. The third, the most aggressive, imposes a mandatory one-hour cooling-off period on transactions matching high-risk profiles, including the behavioral signatures associated with pig butchering schemes, where victims are psychologically groomed over weeks before being directed to transfer large sums.

Beyond withdrawal protection, Bybit’s systems blocked over three million credential stuffing attempts throughout the year. That figure speaks to the volume of automated attack traffic the platform absorbs on an ongoing basis, a number that would have been nearly impossible to manage without machine-learning infrastructure processing it in real time.

The Gap Between Defense and Offense

The honest read of both reports together is that the industry’s defensive capabilities are improving, while the offensive capabilities arrayed against it are improving faster.

Bybit blocking $300 million is a genuine achievement. $17 billion lost globally in the same year puts that achievement in proportion. The gap between what security systems intercept and what fraud operations successfully extract remains vast, and the 1,400% growth in AI-powered impersonation scams suggests that gap is not narrowing at a rate that should offer much comfort.

The shift toward human-layer attacks is the more durable problem. Technical security can be upgraded. Human judgment under sophisticated psychological pressure is considerably harder to systematically protect. Until the industry develops consumer-facing tools that match the sophistication of the attacks targeting consumers, the $17 billion figure has little reason to move meaningfully in the right direction.

The post Crypto Lost $17 Billion to Fraud in 2025 and the Scams Are Getting Smarter appeared first on ETHNews.