What Happened
The UK’s National Crime Agency (NCA) announced the results of Operation Atlantic, an international cryptocurrency fraud enforcement action conducted in March 2026. The operation identified more than 20,000 victims of cryptocurrency fraud across Canada, the United Kingdom, and the United States, and froze more than $12 million in suspected criminal proceeds. Total fraud volume mapped during the operation exceeded $45 million globally.
Operation Atlantic targeted “approval phishing” — a technique where scammers socially engineer victims into signing fraudulent blockchain transactions that grant the attacker permanent permission to drain the victim’s cryptocurrency wallet. Unlike traditional credential theft, the victim authenticates the transaction themselves, making it appear legitimate on-chain and complicating recovery efforts.
The operation involved real-time intelligence sharing among the NCA, the US Secret Service, the Ontario Provincial Police (OPP), the Ontario Securities Commission (OSC), and multiple private sector partners including blockchain analytics firms. The coordinated approach allowed investigators to trace illicit funds while they remained recoverable, resulting in asset freezes before criminal proceeds were moved through mixers or cross-chain bridges.
Why This Matters for Canadian Organizations
Canada’s direct participation in Operation Atlantic — through both the OPP and the OSC — reflects the scale of the problem domestically. Approval phishing is not limited to retail cryptocurrency investors. The technique is increasingly used against corporate treasury teams, crypto asset service providers (CASPs), and businesses holding digital assets on behalf of clients. Canadian organizations operating in the digital asset space carry obligations under FINTRAC’s virtual currency rules, which require reporting of suspicious transactions and large cash or crypto transactions.
The OSC’s involvement signals that securities regulators are treating cryptocurrency fraud as a regulated-market enforcement priority, not a fringe issue. Canadian businesses offering any form of token-based product, staking service, or digital asset custody face the full scope of both FINTRAC obligations and OSC oversight, and are expected to maintain controls capable of detecting and responding to approval phishing attempts against client accounts.
The 20,000-victim figure also reflects the continued effectiveness of romance scam and fake investment platform models — commonly called “pig butchering” — that precede the approval phishing transaction. Canadian consumers, particularly older adults managing retirement savings, remain primary targets.
What to Do
Organizations in the Canadian digital asset sector should audit their client-facing transaction authorization workflows for exposure to approval phishing. Implement transaction simulation and spend limit alerts before clients sign any approval-granting transactions. Train client-facing staff to recognize the social engineering patterns associated with pig butchering and approval phishing. Ensure FINTRAC suspicious transaction reports are being filed for any client accounts showing patterns consistent with fraud victimization. For general enterprises holding digital assets, implement multi-party authorization controls — requiring two or more signers — for any wallet approval or transfer transaction above a defined threshold.
Source: BleepingComputer | National Crime Agency
