The FBI's annual internet crime report reveals a 22% surge in cryptocurrency-related losses, with investment scams draining $7.2 billion alone and victims over 60 accounting for $4.4 billion of the total.
The FBI's Internet Crime Complaint Center logged 181,565 cryptocurrency-related complaints in 2025 with reported losses of $11.4 billion — a 22% increase from the prior year and a figure that now accounts for more than half of all cybercrime losses tracked by the agency nationwide.
The numbers, published in the IC3's annual report on 7 April, confirm a trend the industry would prefer to ignore: crypto isn't just a target for fraud; it has become the preferred medium for it. Of the $20.9 billion in total online losses reported to the FBI across all categories, cryptocurrency-denominated theft represented the single largest share. Not phishing, not wire fraud, not business email compromise — crypto.
Investment scams drove the bulk of the damage, generating 61,559 complaints and $7.2 billion in stolen funds. The mechanics are depressingly familiar. Scammers build trust over weeks or months — often through dating apps, social media, or encrypted messaging platforms — then steer victims toward fake investment platforms that display fabricated returns. The victim deposits more and more, believing the gains are real, until the platform vanishes. The scheme, commonly known as pig butchering, has industrialised over the past three years; many of the operations are run from compounds in Southeast Asia where workers themselves are victims of human trafficking.
Crypto ATM fraud added another $389 million across 13,460 complaints, a 58% year-on-year increase. These scams typically involve an impersonator — posing as a government official, a bank employee, or tech support — instructing the victim to withdraw cash and deposit it into a cryptocurrency ATM to "protect" their funds. The machines' irreversibility makes them ideal for this purpose; once the deposit is confirmed, recovery is functionally impossible.
The demographic breakdown is stark. Americans aged 60 and older reported $4.4 billion in crypto losses across 44,555 complaints, nearly double the next-closest age group and up sharply from roughly $2.8 billion in 2024. Seniors are disproportionately targeted because they tend to hold more savings, are less familiar with crypto mechanics, and are more likely to trust authority figures — the exact profile that impersonation scams exploit.
The FBI also flagged a secondary wave: recovery scams. After losing money to an initial fraud, victims are approached by individuals claiming to be investigators, lawyers, or recovery specialists who promise to retrieve the stolen funds — for a fee. The IC3 report notes instances of scammers impersonating IC3 officials themselves, telling victims their case has been identified and that they need to pay a processing charge to unlock seized assets.
The Bybit hack earlier in 2025 — a $1.4 billion theft attributed to North Korea's Lazarus Group — grabbed the headlines, but the IC3 data reveals a less dramatic and more corrosive reality. The aggregate of small-scale consumer fraud now dwarfs even the largest institutional heists. A $50,000 loss to a pensioner in Florida doesn't trend on crypto Twitter, but multiply it by tens of thousands of victims and the scale exceeds anything a state-sponsored hacker has managed.
For the industry, the report presents an uncomfortable question: if the infrastructure that makes crypto useful — pseudonymity, irreversibility, global reach, 24/7 availability — is the same infrastructure that makes fraud effective, what exactly is the proposed solution? The Ethereum Foundation's recent $1 million commitment to smart contract audits addresses protocol-level exploits but does nothing about social engineering. Exchange-level KYC has tightened substantially under MiCA in Europe and the GENIUS Act framework in the United States, but neither regime touches the peer-to-peer channels where most pig-butchering operations originate.
The FBI's figures also arrive at a politically sensitive moment. The CLARITY Act, now in its final stretch before a Senate markup, will define how crypto is regulated in the United States for the next decade. The $11.4 billion number gives ammunition to lawmakers who argue that the industry's rapid growth has outstripped its ability to protect consumers — and who will demand that any market-structure bill include fraud prevention provisions with real teeth.
The IC3 itself makes no policy recommendations. It counts, categorises, and reports. But the trajectory of its numbers — up 22% in a year when the broader crypto market was largely flat — tells a story that needs no editorial: the scam economy is growing faster than the legitimate one.
