AI made crypto scams far more dangerous

September 24, 2025

2025 has been one of the worst years to be a cryptocurrency investor as far as security is concerned. The first half of 2025 saw more than 3 billion USD worth of crypto assets appropriated by threat actors: more losses than the entirety of 2024. Security researchers studying different aspects of fraud, deception, and theft in the crypto community have largely pointed to the same broad theme for what is fueling this year-on-year increase in crypto crime: the rise of AI and AI-based tools.

AI tools are employed in multiple forms in the cybercrime community, ranging from direct to indirect. One aspect that has become more ubiquitous as the technology has become cheaper is the use of deepfakes in crypto fraud scams. A recent example published by the UK’s National Cyber Security Center involved the use of a YouTube account using an AI-generated profile picture, AI-generated voice, and over 100 thousand followers believed to have been purchased. This account provided false instructions to use software called Trading View by providing a command line that, if users actually ran it, would retrieve and install an infostealer. It is also common for these deepfake scams to impersonate existing celebrities to promote a scam. This year, sophisticated deepfakes of Elon Musk, Mr. Beast, and even US President Donald Trump have appeared on video services like TikTok and YouTube as part of scam activity.

In addition to the use of deepfakes as part of social engineering schemes, AI can also perform the social engineering itself. AI agents have taken the world of long-term romance baiting scams, also colloquially known as pig butchering, by storm. With the help of agents, a single threat actor can coordinate thousands of different messages with hundreds of different targets, softening their defenses over time before eventually separating them from their money. This type of attack is proven and effective. Within the last few months, authorities in New York State froze 300 thousand USD worth of crypto assets that had been scammed from Russian-speaking New Yorkers in a fake crypto trading scheme.

What can we do to protect ourselves from these scams? As always, the answer usually comes down to education. Crypto exchanges have a responsibility to educate their users on the dangers of scams, and users have a responsibility to educate themselves as well. Exchanges should also monitor the transactions of their users and track any unusual activity, such as sudden large withdrawals or deposits. In general, especially in an industry as potentially dangerous as cryptocurrency, users and businesses alike need to make security a priority.

More from Blackwired

October 1, 2025

Gemini Trifecta Highlights Dangers of Indirect Prompt Injection

Tenable found 3 major flaws in Google Gemini enabling prompt injection, data leaks, and exfiltration—now patched by Google.

Read more
September 17, 2025

Fifteen Ransomware Gangs “Retire,” Future Unclear

Scattered Spider claims to retire, but experts suspect a rebrand as attacks linked to the group continue.

Read more
September 10, 2025

Stealthy attack serves poisoned web pages only to AI agents

New AI browser attack targets agents via hidden prompts, exploiting unique agent fingerprints to deliver invisible malicious code.

Read more

© 2024 Blackwired. All Rights Reserved.