Why the new generation of fraud looks like customer service, compliance checks, and payment infrastructure
Crypto scams used to be easy to spot.
A fake coin. A sketchy Telegram group. A celebrity giveaway with a misspelled username. A website promising 40% monthly returns because “the algorithm never loses.”
That still exists. But in 2026, the numbers tell a different story. According to Chainalysis’s 2026 Crypto Crime Report, an estimated $17 billion was lost to crypto scams in 2025, and the fastest-growing categories don’t look like scams at all. They look like customer service. They look like compliance checks. They look like payment infrastructure.
Disclaimer: This article is for informational and commentary purposes only. It is not legal, financial, or investment advice. Some examples discussed below involve allegations from lawsuits, complaints, or consumer reports. Allegations are not findings of fact unless a court or regulator has adjudicated them. Always do your own research and consult qualified professionals before making financial decisions.
1. AI impersonation scams
The fastest-growing crypto scam category in 2026 is impersonation, and the growth is not subtle.
Press enter or click to view image in full size
AI impersonation scams
Chainalysis reports that impersonation scams grew roughly 1,400% year over year, and that AI-enabled scam operations are about 4.5x more profitable than traditional ones, extracting an average of $3.2 million per operation versus $719,000 for scams without AI tooling. The average scam payment grew 253% to $2,764, a sign that criminals have shifted from spray-and-pray cons to fewer, more lucrative targets.
The scam is simple: criminals pretend to be someone you already trust. A crypto exchange support agent. A government agency. A bank. A founder, a romantic partner, a public figure, or a family member calling in a cloned voice.
A scam used to announce itself through broken English and absurd promises. Now it arrives as a routine account notice, a polite compliance request, or a video call with a face that moves and talks like the real person.
The FBI’s 2025 Internet Crime Report (released April 2026) found that Americans filed 181,565 cryptocurrency-related complaints totaling more than $11.3 billion in losses, over half of the $20.9 billion in total reported internet crime losses that year. Americans 60 and older bore the worst of it, reporting $4.4 billion in losses. A particularly cruel subcategory: “recovery scams,” where fraudsters impersonate law firms, government officials, or even the FBI itself to revictimize people who already lost money. That category alone produced $1.4 billion in reported losses.
The red flag: urgency plus authority. If someone pressures you to move crypto quickly, verify your identity through a link they sent, or “secure” your wallet by transferring funds, stop.
2. Pig butchering and fake trading platforms
Earlier this year, the FBI filed a civil forfeiture complaint in federal court in Macon, Georgia, on behalf of a man identified in court documents only as J.M. His story started with a stranger’s message on Facebook. It ended with him out roughly $164,000. The investment platform his new contact showed him displayed steady profits, right up until he tried to withdraw, when the platform told him he owed another $50,000 in “taxes and fees” before his money could be released. Court records show he kept sending Bitcoin, more than $32,000 of it in November alone, trying to unlock funds that were never coming back.
Pig butchering and fake trading platforms
That is pig butchering, and it remains the most financially devastating crypto scam in the world.
The term refers to long-term social engineering. Scammers build trust over weeks or months through romance, friendship, business networking, or private investing groups, then introduce a fake trading platform that appears to show profits. At first, the victim may be allowed to withdraw a small amount. That builds trust. Then the deposits get larger. Then withdrawals stop. Then come the fees, exactly as J.M. experienced.
Per the FBI’s 2025 data, investment fraud was the costliest crypto category at $7.2 billion in reported losses. And these operations are industrialized: the DOJ’s Scam Center Strike Force, launched in late 2025, has tied major networks to fortified scam compounds in Burma, Cambodia, and Laos, often staffed by trafficked workers forced to run fraud operations. At its peak, one network (Prince Group) was reportedly earning more than $30 million per day.
The crackdown is real but the threat isn’t gone. In 2026 alone, the Strike Force has seized over $580 million in crypto from these networks, taken down 503 fake investment websites, and charged operators of compounds in Southeast Asia. The FBI’s Operation Level Up has notified nearly 9,000 victims of ongoing investment fraud, and 77% of them had no idea they were being scammed.
The red flag: a relationship that turns into an investment opportunity, especially if the platform is unfamiliar, private, invite-only, or shows unusually consistent returns.
3. World Cup hype, event tokens, and narrative rug pulls
Scammers follow attention, and nothing on the 2026 calendar draws more of it than the World Cup.
World Cup hype, event tokens, and narrative rug pulls
With the tournament underway across North America, the FBI and local law enforcement have issued formal warnings about fake FIFA ticketing sites, counterfeit hospitality packages, and fraudulent crypto tokens. Researchers tracked more than 13,000 World Cup-themed domains registered between January and May 2026, with roughly 8.8% flagged as malicious or suspicious, and crypto tokens are the single highest-volume scam category among them.
One fake site marketed itself as “the official community token celebrating the FIFA World Cup 2026,” complete with a mega-airdrop and a participant counter pinned at 48 (the number of qualified teams). For the record: there is no official World Cup token, coin, or fan currency.
Those fake airdrop and token-claim pages often double as wallet drainers. You connect your wallet to “claim” the token, approve a permission you don’t fully understand, and the attacker empties your assets. No legitimate claim page ever needs your seed phrase, and no legitimate platform charges a fee to unlock your own funds.
The scam doesn’t always start with “give us your money.” It starts with a story: “This is the official fan token.” “This presale is only open for 24 hours.” “This influencer is already in.”
Meme coins and event tokens can be legitimate experiments, but they’re also perfect vehicles for rug pulls: hype the launch, attract liquidity, dump tokens, abandon the project.
The red flag: a token whose main value proposition is hype, urgency, celebrity association, or a claimed partnership that can’t be verified through official channels.
4. Commingled funds: when the platform itself is the scam
Sometimes the scam isn’t a fake platform. It’s a real one.
FTX is the template. Customers thought they were using an exchange; they were actually funding an undisclosed slush pool. Roughly $8 billion in customer money went missing, and Sam Bankman-Fried is serving 25 years for fraud. Celsius ran the same play with a yield wrapper: founder Alex Mashinsky promised customers their deposits were safe while secretly using them for uncollateralized loans, risky bets, and propping up Celsius’s own token. When withdrawals froze, customers had $4.7 billion stuck on the platform. Mashinsky pled guilty and was sentenced to 12 years in May 2025.
If that feels like old news, 2026 has already produced a fresh example. In March, Chicago-based trading and lending firm BlockFills filed for Chapter 11 after freezing customer deposits and withdrawals. A lawsuit filed by investment firm Dominion Capital alleges that BlockFills commingled client crypto with company funds on a single balance sheet, used the pooled assets to cover its own operating costs, and concealed trading losses, creating an alleged shortfall of roughly $77 million by the end of 2025. A federal judge froze about 70.6 Bitcoin tied to the dispute. Those commingling claims are allegations, not yet proven, but the bankruptcy and the frozen withdrawals are very real for customers.
The pattern repeats because the failure mode is invisible from the outside. The app works. The balances display. The yield accrues. Everything looks fine right up until the withdrawal button stops working, because the entire time, “your” balance was an IOU from a company doing something else with the money.
The red flag: platforms offering yield on deposits without clear, audited disclosure of where the yield comes from, whether customer assets are segregated, and what happens to your funds if the company fails.
5. The new danger zone: opaque payment infrastructure
Commingling at exchanges and lenders is now a familiar story. The newer version of the risk lives one layer down, in payment infrastructure. And to be clear up front, this category is about unresolved disputes and unanswered questions, not adjudicated fraud.
A current example worth watching is the litigation involving Payken and TierLock.
https://youtu.be/Xb8hV6HNy4E?si=sRN9yp820PdfaIS4
YouTube Video covering the Payken/ Tierlock lawsuit.
On paper, both look like ordinary fintech. Payken’s public materials describe a digital transaction platform: ticketing, memberships, digital storefronts, invoicing, withdrawals, blockchain-backed payments. TierLock’s describe verification and access-control infrastructure with wallet and payment features. The two also share visible plumbing: TierLock’s customer help center runs on a Payken-hosted support portal, and TierLock’s developer docs reference Payken systems.
The lawsuit is where the questions start. In a Delaware Court of Chancery case, Payken Holdings SPV I LLC v. Payken, Inc., lenders say they funded a shared liquidity pool so Payken could run its payment operations, and that Payken broke the agreement and never paid them back, roughly $3.2 millionworth. The complaint goes further. It alleges that assets, software use, or liquidity-pool funds moved from Payken to TierLock, which the filing describes as an entity under Payken’s control or common control.
Those are allegations. No court has ruled on them, and neither company has been found liable for anything. Independent commentary, including coverage on The Rebecca Wilson Report, has framed the case as a question about connective tissue: how entities, infrastructure, liquidity, and user funds relate to one another, and whether users can tell.
That framing is the point, and it’s bigger than any one company. Notice how the questions rhyme with the FTX and Celsius failures above. It’s not whether a token goes up or down. It’s whether customer funds, company funds, and liquidity-pool funds are clearly separated, properly disclosed, and accountable. Before trusting any payment platform with funds, ask:
- Who controls the platform, and who actually holds the funds?
- Are customer funds, company funds, and liquidity-pool funds segregated?
- What legal entity is responsible, and what happens if funds move to an affiliate?
- Is the company a custodian, merchant of record, wallet provider, processor, or something else?
- Does the marketing language match the legal terms of service?
The red flag: confusing entity structures, vague funds-flow disclosures, affiliated companies sharing infrastructure, and litigation alleging money or assets moved in ways users or lenders didn’t expect.
The bigger lesson for 2026
Crypto scammers have adapted. They use AI, professional design, real payment rails, fake support desks, and legal complexity. Above all, they use urgency, trust, and confusion.
That means “do your own research” isn’t enough if research only means checking a website and a few social posts. In 2026, due diligence should include court records, regulator databases, state business filings, terms of service, custody and funds-flow language, complaint trackers, and founder history, all verified against primary sources.
The average person isn’t equipped to audit every crypto platform like a forensic accountant. That’s exactly why scammers thrive.
But one simple rule still works:
If you cannot clearly explain who controls the money, where the money goes, and what legal entity is responsible, do not send funds.
Crypto may be decentralized. Fraud is not. Fraud usually has a structure, a story, a funnel, and a person hoping you won’t slow down long enough to notice.
If you’ve already been targeted, report it at ic3.gov, and check the California DFPI Crypto Scam Tracker to see if the platform that took your money has been reported before. Be especially wary of anyone who contacts you offering to recover your losses for a fee. That’s usually round two of the same scam.
Sources
- Chainalysis 2026 Crypto Crime Report: Scams
- CoinDesk: Chainalysis report reveals impersonation and AI crypto scams surpass cyberattacks
- FBI 2025 Internet Crime (IC3) Annual Report
- FBI press release: Cryptocurrency and AI Scams Bilk Americans of Billions
- 13WMAZ: Central Georgia man lost $164K to “pig butchering” crypto scam that started on Facebook
- DOJ: Scam Center Strike Force Takes Major Actions Against Southeast Asian Scam Centers
- IRS-CI: Strike Force crypto seizures top $580 million
- Decrypt: World Cup Crypto Scams Are Targeting Soccer Fans, Law Enforcement Warns
- TechRadar: FIFA World Cup 2026 hype kicks off fraud, fake apps, and ransomware
- DOJ SDNY: Founder of Celsius sentenced to 12 years for fraud and market manipulation
- CoinDesk: Crypto trading firm BlockFills files for bankruptcy
- Yahoo Finance: BlockFills entities file bankruptcy after withdrawals halted, court froze Bitcoin
- California DFPI Crypto Scam Tracker
- Law360: Payments Co. Sued Over $3M Liquidity Pool Loan Default
- Payken Holdings SPV I LLC v. Payken, Inc., Delaware Court of Chancery filing
- The Rebecca Wilson Report: “Tierlock Exposed — $3.2M Lawsuit Filed”
Company Details
Organization: The Rebecca Wilson Report
Contact Person Name: Rebecca Wilson
Website: https://www.youtube.com/@RebeccaWilsonReport
Email: wilsonrebecca260@yahoo.com
Country: United States
