US, UK, and Canada Launch Joint 'Operation Atlantic' to Combat Crypto Approval Phishing Fraud

Law enforcement agencies from the United States, United Kingdom, and Canada announced on March 16, 2026, the launch of “Operation Atlantic,” a coordinated initiative to disrupt cryptocurrency approval phishing schemes, identify potential victims in real-time, and recover stolen assets.

The operation involves the U.S. Secret Service (USSS), the UK’s National Crime Agency (NCA), Canada’s Ontario Provincial Police (OPP), and the Ontario Securities Commission (OSC), alongside private industry partners. The week-long effort aims to contact individuals at risk of or already suffering from approval phishing scams—a method that tricked victims out of an estimated $2.7 billion in crypto between May 2021 and July 2024, according to blockchain analytics firm Chainalysis.

The initiative builds upon Canada’s 2024 “Project Atlas,” which successfully prevented $70 million from reaching scammers and froze $24 million in stolen funds.

Operation Atlantic: Scope and Objectives

Participating Agencies

The multinational operation brings together key financial crime and law enforcement bodies:

United States: U.S. Secret Service (USSS), U.S. Attorney’s Office for the District of Columbia

United Kingdom: National Crime Agency (NCA), City of London Police, Financial Conduct Authority (FCA)

Canada: Ontario Provincial Police (OPP), Ontario Securities Commission (OSC), Royal Canadian Mounted Police (RCMP)

Private sector blockchain intelligence firms and crypto platforms are also participating as industry partners.

Operational Focus

According to a USSS spokesperson, Operation Atlantic will operate for one week, during which law enforcement personnel will:

• Identify individuals who are either currently being targeted by or have already fallen victim to approval phishing scams

• Contact those individuals directly to provide advice and instructions on securing their crypto assets to prevent further losses

• Work to trace and seize stolen funds with the goal of victim restitution

The operation aims to disrupt scams in “near real-time” to deny criminals the ability to profit from their crimes.

Understanding Approval Phishing

How the Scam Works

According to Chainalysis, approval phishing involves “the scammer trick[ing] the user into signing a malicious blockchain transaction that gives the scammer’s address approval to spend specific tokens inside the victim’s wallet, allowing the scammer to then drain the victim’s address of those tokens at will.”

Unlike traditional phishing that steals passwords or private keys, approval phishing exploits the token approval function built into many decentralized finance protocols. Victims unknowingly grant permission for scammers to transfer specific tokens from their wallets, which the scammers can then execute at any time.

Scale of the Problem

Chainalysis launched Operation Spincaster in 2024 specifically targeting approval phishing, reporting that between May 2021 and July 2024, these scams had resulted in approximately $2.7 billion in crypto stolen. Individual cases have seen victims drained of over $600,000 through approval phishing techniques.

Public Verification Resources

To address the common scam tactic of impersonating trusted authorities, the NCA and USSS have established dedicated channels for the public to verify legitimate contact:

Dedicated phone number: A special line for individuals to confirm whether outreach is authentic

Webpage: An online resource providing verification information

These resources aim to help potential victims distinguish genuine law enforcement contact from scammers impersonating officials.

Precedent: Project Atlas

Operation Atlantic is modeled on and expands Project Atlas, a 2024 initiative led by the Ontario Provincial Police in partnership with the U.S. Secret Service targeting crypto fraud networks. Project Atlas demonstrated the effectiveness of cross-border coordination, reportedly preventing $70 million from reaching scammers and freezing $24 million in stolen funds.

Broader Regulatory and Enforcement Context

Shifting Enforcement Landscape

The launch of Operation Atlantic follows significant developments in crypto fraud enforcement:

In 2025, the Trump administration disbanded the Justice Department’s dedicated crypto enforcement agency pursuant to an executive order. The agency had been created to handle “complex investigations and prosecutions of criminal misuses of cryptocurrency.”

Subsequently, the U.S. established the “Scam Center Strike Force” to target criminal leadership orchestrating large-scale fraud operations. This body partnered with Meta in 2025 to remove approximately 150,000 Facebook accounts, and a joint operation with Thai authorities led to 21 arrests.

Regional Crackdowns

Neighboring countries have also intensified enforcement:

Cambodia: Conducted widespread raids on crypto scam compounds, reportedly resulting in the deportation of approximately 48,000 individuals detained during operations

Thailand: Cooperated with U.S. authorities on arrests of scam leaders

China: Engaged with U.S. counterparts on scrutiny of South Asian criminal syndicates

Frequently Asked Questions

What is approval phishing and how does it differ from regular phishing?

Approval phishing tricks users into signing a malicious blockchain transaction that grants the scammer’s address approval to spend specific tokens from the victim’s wallet. Unlike traditional phishing that seeks passwords or private keys, this method exploits legitimate token approval functions in decentralized finance protocols. Once approval is granted, scammers can drain the victim’s wallet at will without needing further authentication.

How will Operation Atlantic identify and help potential victims?

Law enforcement agencies are working with private industry partners, including blockchain analytics firms and crypto platforms, to identify wallet addresses showing signs of approval phishing activity or recent unauthorized transactions. Teams will then contact affected individuals directly, providing guidance on securing remaining assets and initiating tracing and seizure procedures for stolen funds where possible.

What should I do if I am contacted during Operation Atlantic?

If contacted, individuals should verify the legitimacy of the outreach using the dedicated phone number and webpage established by the NCA and USSS for this operation. Scammers often impersonate authorities, so independent verification is essential. Legitimate contacts will provide specific advice on securing assets and information about next steps, but will never request passwords, private keys, or further wallet approvals.