Analysis of The FBI 2023 Cryptocurrency Fraud Report

SlowMist
7 min readSep 14, 2024

--

On September 9, 2024, the U.S. Federal Bureau of Investigation (FBI) released its 2023 Cryptocurrency Fraud Report. This comprehensive report delves into cryptocurrency-related complaints received by the Internet Crime Complaint Center (IC3) in 2023, analyzing them on both macro and micro levels. The report also explores the characteristics of cryptocurrencies and the primary types of cryptocurrency crimes witnessed during the year. This article aims to breaks down the key points of the report, helping readers quickly grasp the crucial information and improve their understanding of complex security threats and how to address them.

Key Point 1: 2023 Cryptocurrency-Related Complaint Data

In 2023, the FBI’s Internet Crime Complaint Center (IC3) received over 69,000 complaints related to cryptocurrency financial fraud, with total losses exceeding $5.6 billion. While cryptocurrency complaints accounted for only about 10% of all financial fraud complaints, they represented nearly 50% of the total financial losses.

Cryptocurrency-related losses increased by 45% compared to 2022.

1. Breakdown by Age Group:

- Victims aged 60 and above suffered the largest financial losses, totaling $1.648 billion.

2. Breakdown by Crime Type:

Investment Fraud:

  • Complaints: 32,094
  • Losses: $3.961 billion

Tech Support Scams:

  • Complaints: 8,719
  • Losses: $421 million

Personal Data Breaches:

  • Complaints: 8,716
  • Losses: $495 million

Extortion/Blackmail:

  • Complaints: 8,630
  • Losses: $9.28 million

3. Breakdown by Country/Region:

Countries with the most complaints:

  • United States: 57,762 complaints
  • Canada: 1,236 complaints

Countries with the highest financial losses:

  • United States: $4.809 billion
  • Cayman Islands: $196 million

Key Point 2: Why Criminals Exploit Cryptocurrencies

1. Decentralization:

Cryptocurrencies are decentralized and distributed, making them a secure medium for transferring value. Users can move cryptocurrencies globally in exchange for goods, services, or other cryptocurrencies. Criminals exploit these features for illegal activities such as theft, fraud, and money laundering.

2. Irreversible Transactions:

Cryptocurrency transactions can be made from anywhere, and once completed, they are irreversible. This enables criminals to quickly conduct large-scale cross-border transfers without being subject to anti-money laundering measures imposed by traditional financial institutions.

3. Challenges in Tracing Funds:

While blockchain technology provides a public ledger, making it possible for law enforcement to trace funds, tracking cryptocurrencies across borders remains challenging. SlowMist believes that international cooperation is necessary for effective law enforcement. For more insight, refer to the article on International Cooperation in Law Enforcement: The Emerging Trend in Combating Cryptocurrency Crime

Key Point 3: Focus on Cryptocurrency Crime Types in 2023

1. Investment Fraud:

Investment fraud accounted for the largest portion of cryptocurrency-related losses in 2023, representing about 71% of total losses, a 53% increase from 2022’s $2.57 billion. The most prevalent type in 2023 was Trust-based Cryptocurrency Investment Fraud:

- Scam: Scammers target victims via dating apps, social media, or encrypted messaging apps. After weeks or months of building trust, they introduce the topic of cryptocurrency investments, claiming expertise or knowledge of someone who can help make money. They lure victims with false profits, allowing them to withdraw small sums initially to build trust. When victims try to withdraw their principal and earnings, they are told they must pay fees or taxes. Even after paying, no funds are returned.

- Human Trafficking: Scammers post fake job ads targeting Asian communities. Once job seekers arrive at the designated location, their passports and travel documents are confiscated, and they are coerced into working under threat. Victims are saddled with debts for travel and documentation fees, which they must repay while also covering living expenses. These debts, along with fear of local law enforcement, are used as leverage to control the victims.

Aside from trust-based cryptocurrency investment fraud, other variants include:

- Liquidity Mining Scams: Legitimate liquidity mining involves providing liquidity to exchanges in exchange for a share of trading fees. Fraudsters prey on investors (typically USDT or ETH holders), promising daily returns of 1–3% to lure them into fraudulent liquidity mining platforms. Once funds are transferred, recovery becomes extremely difficult. For more details, refer to our guide on avoiding Fake Mining Pool Scams.

- Play-to-Earn (P2E) Games: Fraudsters promote fake games that offer cryptocurrency rewards for participation. They instruct victims to create crypto wallets, purchase cryptocurrency, and join the game, promising higher rewards with more deposits. However, the rewards are fake, and once victims stop depositing, the scammers withdraw all funds. To avoid such scams, users are advised to use dedicated wallets for these games and regularly check wallet permissions using tools like Revoke.Cash or Scam Sniffer.

2. Cryptocurrency ATMs (Self-service Kiosks):

Cryptocurrency kiosks function like ATMs, allowing users to exchange cash for cryptocurrency. Scammers guide victims through the process of withdrawing cash and using kiosks to deposit and transfer funds. This method provides greater anonymity than depositing cash at a financial institution. In 2023, IC3 received over 5,500 complaints related to cryptocurrency kiosks, with losses exceeding $189 million.

3. Cryptocurrency Recovery Scams:

Victims of previous scams are often targeted again through recovery scams. Fraudsters pose as cryptocurrency recovery services, claiming they can recover lost funds. They advertise on social media or directly contact victims, charging upfront fees before disappearing or providing incomplete reports. These fraudsters may also claim connections to law enforcement or legal services to appear legitimate.

Reminder from SlowMist: If you fall victim to theft or fraud, report it immediately. Technical companies like SlowMist cannot retrieve user data or freeze accounts — only law enforcement agencies can freeze accounts and recover funds through compliance processes at exchanges. However, SlowMist offers free basic tracking assessments and fund flow analysis for victims. We will blacklist verified hacker addresses through our InMist Threat Intelligence Network. Although we do our best to trace stolen funds, the results are for reference only and not legal evidence. Users must follow both the facts and local regulatory policies.

- For form submissions in Chinese: https://aml.slowmist.com/cn/recovery-funds.html

- For form submissions in English: https://aml.slowmist.com/recovery-funds.html

Conclusion

This article offers a detailed interpretation of the FBI’s 2023 Cryptocurrency Fraud Report, revealing key data on cryptocurrency-related complaints, how criminals exploit the unique characteristics of cryptocurrencies, and the specific types of crimes prevalent in 2023. As cryptocurrency fraud tactics become increasingly complex, we all need to stay vigilant, enhance our awareness, and exercise caution. Only by discerning the truth, operating cautiously, and maintaining skepticism can we enjoy the benefits of cryptocurrency while effectively safeguarding our assets.

Disclaimer

This analysis is based solely on cases reported to the FBI’s Internet Crime Complaint Center (IC3). The actual number of cryptocurrency-related fraud cases worldwide could be significantly higher, as many incidents go unreported to IC3, particularly outside of the United States. Therefore, the figures presented here may only represent a fraction of the total impact of cryptocurrency-related crimes globally.

About SlowMist

At SlowMist, we pride ourselves on being a frontrunner in blockchain security, dedicating years to mastering threat intelligence. Our expertise is grounded in providing comprehensive security audits and advanced anti-money laundering tracking to a diverse clientele. We’ve established a robust network for threat intelligence collaboration, positioning ourselves as a key player in the global blockchain security landscape. We offer tailor-made security solutions that span from identifying threats to implementing effective defense mechanisms. This holistic approach has garnered the trust of numerous leading and recognized projects worldwide, including names like Huobi, OKX, Binance, imToken, Crypto.com, Amber Group, Klaytn, EOS, 1inch, PancakeSwap, TUSD, Alpaca Finance, MultiChain, and Cheers UP. Our mission is to ensure the blockchain ecosystem is not only innovative but also secure and reliable.

We offers a variety of services that include but are not limited to security audits, threat intelligence, defense deployment, security consultants, and other security-related services. We also offer AML (Anti-money laundering) solutions, Vulpush (Vulnerability monitoring) , SlowMist Hacked (Crypto hack archives), FireWall.x (Smart contract firewall) , Safe Staking and other SaaS products. We have partnerships with domestic and international firms such as Akamai, BitDefender, FireEye, RC², TianJi Partners, IPIP, etc.

By delivering a comprehensive security solution customized to individual projects, we can identify risks and prevent them from occurring. Our team was able to find and publish several high-risk blockchain security flaws. By doing so, we wish to help spread awareness and raise the security standards in the blockchain ecosystem.

💬Website 🐦Twitter ⌨️GitHub

--

--

SlowMist
SlowMist

Written by SlowMist

SlowMist is a Blockchain security firm established in 2018, providing services such as security audits, security consultants, red teaming, and more.

No responses yet