Identity theft and AI scams: How criminals swindled $17 billion in 2025

The cryptocurrency analysis firm Chainalysis has documented a disturbing development in its latest report: in 2025, cryptocurrencies worth approximately $17 billion disappeared due to fraud and scams. This sum reveals a paradigm shift in how criminal actors operate. Identity theft and artificially generated scam schemes are replacing cyberattacks as the primary source of income for criminals – a trend that increasingly renders traditional security measures ineffective.

The alarming record: unprecedented losses from identity theft and AI scams

According to Chainalysis’s January 2026 crypto crime report, the greatest threat no longer comes from technical security vulnerabilities but from sophisticated manipulation. Identity theft is becoming the core of this new threat landscape. The analysis firm recorded a 1,400 percent increase in such fraud cases year-over-year – an explosive growth that shows how systematically criminals are operating.

A particularly notable shift is in the size of payments: while scammers previously relied on the “spray-and-pray” strategy (many small amounts hoping for success), they now focus on fewer but significantly more lucrative targets. This professionalization means that average damages per case have risen dramatically.

AI as a multiplier for scams: why automated attacks are 4.5 times more profitable

The use of artificial intelligence has fundamentally changed the nature of crypto scams. Chainalysis found that AI-supported scams are 4.5 times more profitable than traditional fraud attempts. The reason lies in industrial-scale scalability: deepfakes and automated tools enable criminals to generate large-scale fake “support agents,” “official notices,” and seemingly trustworthy insiders.

This technological escalation means each scam is executed more precisely. Criminals can now conduct personalized social engineering campaigns that deceive even skeptical and knowledgeable users. AI technology not only produces better fakes but also allows targeted selection of victims – criminals know more accurately who is easy to deceive and which funds are worth stealing.

From cyberattacks to trust manipulation: the shift in crypto crime

A look at the sources of losses shows a clear trend: while hacks and technical exploits still cost $2.2 billion in 2024, the damage potential is increasingly shifting toward trust-based scams. This is a fundamental change – it is much more difficult to secure trust technically than to protect a smart contract.

Impersonation scams play a key role here. Scammers pose as exchange employees, imitate KYC processes, or send seemingly official payment requests. Lior Aizik, co-founder and COO of the crypto exchange XBO, confirmed to industry publications that this trend is even more alarming in reality than in statistics. He warned users to be very cautious about sharing sensitive information – not even with supposedly genuine support staff. “These attacks rely on urgency and trust, not on technology,” Aizik explained. He himself has been repeatedly targeted by identity theft, with scammers using fake profiles under his name to deceive others.

Real cases show the extent: when identity theft leads to financial disaster

The statistics gain weight when looking at concrete cases. In the UK, a man lost nearly $2.5 million in 2025 due to a Bitcoin scam described by police as “a disturbing new trend.” The attackers used sophisticated psychology: they incited fear and panic and developed scam scenarios convincing even cautious asset owners.

The North Wales Police reported in 2024 that between 2020 and the end of 2023, nearly 100,000 Britons fell victim to investment scams – with total damages of £2.6 billion (about $3.5 million). That averages to about £13 million ($17.5 million) per week. These figures only account for reported cases; the actual number is much higher.

The central risk: when people become the weak point

Chainalysis’s key insight is: crypto crime is no longer just about technical security breaches but increasingly about deceptions that are convincing enough to overcome skepticism – even when wallets and exchanges do everything right. This means that even the best exchange security only solves part of the problem.

The combination of identity theft, AI-generated content, and social engineering creates a new category of risks against which technical measures alone are ineffective. The warning to users is clear: do not blindly trust support requests, no matter how authentic they appear. And never transfer your cryptocurrencies to external accounts – even if the sender appears urgent or seemingly official.