UK Police Impersonators Swipe $2.8M in Bitcoin—Here’s How They Did It
Another day, another crypto heist—except this one didn't involve hacking, just old-fashioned deception.
How It Went Down
Scammers posing as UK police officers convinced a victim to transfer $2.8 million in Bitcoin. No malware, no exchange breach—just smooth talk and psychological manipulation. They exploited trust in authority, not code.
Why This Matters
While blockchain itself remains secure, human vulnerability is still crypto’s weakest link. This isn’t a smart contract flaw; it’s a social engineering win. And honestly, if you’re moving millions in crypto, maybe double-check that “official” call.
Big Picture
Incidents like this reinforce the need for broader education—not just on self-custody, but on scam awareness. The tech is bulletproof until people enter the equation. And as always, if it sounds too urgent—or too official—to be true, it probably is. Especially when someone’s asking for your private keys.
Stay skeptical, folks. Even in a decentralized world, human greed and gullibility remain very much centralized.
The Losses Increase
Financial crime continues to weigh heavily on the crypto industry, with billions lost to date this year alone in various attacks and exploits. The North Wales Police Department’s cybercrime unit has flagged the most recent incident, disclosing the theft of £2.1 million ($2.8M) in BTC from a cold wallet via impersonation.
They believe this was a targeted attack, possibly identified through a data breach, in an elaborate ruse with the scammer posing as a senior representative of UK law enforcement with a fabricated story.
Reportedly, the person posing as an officer claimed they had arrested someone who had the victim’s personal identification documents stored on their phone, alerting them to a possible security breach. With the target alarmed and fearful that their information had been stolen, the hacker took advantage of this and provided instructions for “securing” the victim’s cryptocurrency assets.
Unbeknownst to them, they were provided with a malicious LINK to a fake website that prompted them to log in to their cold wallet. Believing they were following the police’s instructions, they proceeded by entering the seed phrase into the site, and within minutes, the scammer was able to siphon the $2.8 million and vanish without a trace.
The police are now attempting to track the funds and have issued several reminders to the public, as well as to anyone else holding crypto assets, to be cautious of such individuals. Authorities in any state or country will never call the public to discuss their holdings, let alone how and where they store them.
Additionally, when in doubt, it’s perfectly fine to hang up, and if possible, verify whether the information you were given over the phone or the channel you were contacted on is correct. Moreover, no legitimate organization will ever ask for your seed phrase, so it’s best not to enter it on links provided by third parties under any circumstances.
Phishing Attacks Continue to Claim Victims
Social engineering attacks are far from the only type of fraud the cryptocurrency world has seen, but they are certainly one of the most commonly used methods.
CryptoPotato previously reported that this type of attack resulted in a loss of at least $65 million from the Coinbase exchange in December 2024 and January 2025.
Later in the current year, an elderly person was scammed out of over $330 million in Bitcoin, and a fraudulent phone call made to an engineer from the Indian CoinDCX exchange led to the loss of $44 million.
