$2.8M Bitcoin Gone After UK Police Officer Impersonation Scam

Authorities from the island nation have issued a notice for a substantial amount of Bitcoin lost due to a sophisticated attack.

This event adds to the already long list of similar attacks the year has seen so far, and worryingly, continues to see.

The Losses Increase

Financial crime continues to weigh heavily on the crypto industry, with billions lost to date this year alone in various attacks and exploits. The North Wales Police Department’s cybercrime unit has flagged the most recent incident, disclosing the theft of £2.1 million ($2.8M) in BTC from a cold wallet via impersonation.

They believe this was a targeted attack, possibly identified through a data breach, in an elaborate ruse with the scammer posing as a senior representative of UK law enforcement with a fabricated story.

Reportedly, the person posing as an officer claimed they had arrested someone who had the victim’s personal identification documents stored on their phone, alerting them to a possible security breach. With the target alarmed and fearful that their information had been stolen, the hacker took advantage of this and provided instructions for “securing” the victim’s cryptocurrency assets.

Unbeknownst to them, they were provided with a malicious link to a fake website that prompted them to log in to their cold wallet. Believing they were following the police’s instructions, they proceeded by entering the seed phrase into the site, and within minutes, the scammer was able to siphon the $2.8 million and vanish without a trace.

The police are now attempting to track the funds and have issued several reminders to the public, as well as to anyone else holding crypto assets, to be cautious of such individuals. Authorities in any state or country will never call the public to discuss their holdings, let alone how and where they store them.

Additionally, when in doubt, it’s perfectly fine to hang up, and if possible, verify whether the information you were given over the phone or the channel you were contacted on is correct. Moreover, no legitimate organization will ever ask for your seed phrase, so it’s best not to enter it on links provided by third parties under any circumstances.

Phishing Attacks Continue to Claim Victims

Social engineering attacks are far from the only type of fraud the cryptocurrency world has seen, but they are certainly one of the most commonly used methods.

CryptoPotato previously reported that this type of attack resulted in a loss of at least $65 million from the Coinbase exchange in December 2024 and January 2025.

Later in the current year, an elderly person was scammed out of over $330 million in Bitcoin, and a fraudulent phone call made to an engineer from the Indian CoinDCX exchange led to the loss of $44 million.