※This article is automatically translated. For accurate content, please refer to the original text.

Digital assets are rapidly changing the global financial ecosystem, offering new models for payments, investments, and value exchange. However, this innovation comes with well-known risks. Unfortunately, fraud tactics that have long targeted traditional finance—such as phishing, Ponzi schemes, and impersonation—are increasingly spreading through the Web3 and crypto asset ecosystem. One of the most damaging frauds is Authorized Push Payment (APP) fraud, where victims are tricked into voluntarily transferring funds to scammers. Currently, APP fraud is the biggest threat targeting financial institutions, impacting refunds and operational costs. In the recently released 2025 Crypto Crime Report, we reported that nearly $10 billion in crypto assets were lost to various app frauds in 2024, but the figure is likely closer to $12.4 billion. This represents a slight increase from the amount stolen in 2023. The decentralized nature of crypto assets, with transactions being fast, irreversible, and often anonymous, provides an ideal stage for APP fraud. Scammers exploit these characteristics by impersonating trusted organizations, fabricating investment opportunities, and pressuring victims to act quickly before verifying the legitimacy of their counterparts. As crypto assets become more widespread, understanding the mechanisms of APP fraud becomes key to avoiding victimization. Fortunately, new tools like Chainalysis Alterya that can detect fraud in real-time are helping public and private sectors collaborate to close APP fraud prevention gaps, shifting from reactive to proactive measures. Below, we will discuss the following topics and more:

• What is Authorized Push Payment Fraud
• Types of APP Fraud
• Why APP Fraudsters Target Crypto Asset Users
• Preventing APP Fraud in Crypto Assets
• Regulation and Fraud Prevention

What is Authorized Push Payment Fraud

Authorized Push Payment (APP) fraud occurs when scammers skillfully manipulate victims into voluntarily transferring funds under false pretenses. This differs from fraudulent activities where criminals conduct transactions without the victim's consent (such as credit card fraud or account takeover). While banks and payment service providers often refund victims of fraudulent activities, APP fraud victims, especially in crypto assets, unfortunately have little protection.

Types of APP Fraud

Scammers use various tactics to manipulate victims into authorizing crypto asset transactions. While some may classify hacking within APP fraud, this blog focuses specifically on fraud. Here are some of the most common fraud examples:

• Investment Fraud: Scammers deceive victims by promising extraordinary investment returns, transferring crypto assets to fake platforms or projects.
• Romance Fraud: Scammers often use dating apps or social media to emotionally manipulate victims over an extended period before convincing them to invest in fake crypto assets.
• Rug Pull: Scammers launch a project, collect target funds, then abandon the project and disappear with the money. This type of fraud frequently occurs in DeFi and Non-Fungible Token markets.
• Live Streaming Fraud: Scammers use hacked YouTube or social media accounts to broadcast fake giveaways or impersonate industry-famous figures, encouraging viewers to send crypto assets in exchange for "rewards".
• Impersonation Fraud: Scammers pretend to be customer support, government agencies, or celebrities to trick victims into sending crypto assets.
• Address Poisoning: Attackers send small transactions from wallet addresses similar to those in a user's contact list, hoping the victim will accidentally copy and send funds to the wrong (malicious) address.
• Employment Fraud: Scammers advertise fake job listings (often crypto-related) and manipulate victims into transferring "initial costs" or other fees during the onboarding process.
• Fake Airdrops or Gifts: Scammers manipulate victims into transferring crypto assets, ensuring the promised rewards never materialize.
• BEC (Business Email Compromise): Attackers hack or impersonate corporate emails to deceive employees into transferring crypto assets to fraudulent accounts.

As we'll see, the majority of funds lost under APP fraud in 2024 were caused by high-yield investment/trading fraud (55.4%), with pig butchering scams (36.7%) also being common.

Why APP Fraudsters Target Cryptocurrency Users

Fraudsters are specifically targeting cryptocurrency transactions for several reasons.

• Irreversibility: Once a transaction is sent on the blockchain, it cannot be canceled or charged back like a credit card transaction.
• Perceived Anonymity: While all transactions are publicly recorded and immutable, the lack of direct personal identifiers makes it easy for fraudsters to hide behind pseudonymous wallet addresses.
• Lack of Consumer Protection: Traditional banks may compensate victims of fraud, but most cryptocurrency platforms do not provide such remedial measures.

• Regulatory Gaps: Inconsistent global regulations allow fraudsters to exploit loopholes and weak law enforcement in specific jurisdictions. Additionally, many cryptocurrency platforms used by fraudsters are unregulated or unregistered, complicating efforts to seek remedies.

• Ease of Access: Setting up cryptocurrency wallets and moving funds is quick and easy, enabling fraudsters to create multiple accounts and transfer stolen assets with minimal friction.

Preventing APP Fraud in Cryptocurrency

Like any value transfer, cryptocurrency users should always verify their transaction counterparties, especially when payment requests come through social media, email, or messaging applications. It is particularly important to be suspicious of individuals promising guaranteed profits or pressuring potential victims under the guise of urgency. Furthermore, users should use wallets with multisignature or additional approval steps and avoid connecting to unknown sites or approving unusual transactions. Generally, a healthy level of skepticism and verification can help prevent costly mistakes.

Exchanges and cryptocurrency companies can implement fraud detection tools to monitor suspicious activities in real-time, identify high-risk wallet activities, and reveal patterns associated with known frauds. For example, Chainalysis Alterya is an AI-powered fraud detection solution that can help identify fraudsters before they contact victims. Chainalysis Alterya's data-driven approach includes on-chain machine learning (ML) models and deterministic data (such as fraud attribution) to accurately assess recipient address risks. This process enables customers to make more informed transaction decisions and reduce the likelihood of falling victim to fraud.

Regulation and Fraud Prevention

Governments worldwide are taking various measures to address the threat of APP fraud, from awareness campaigns to enhanced information sharing. Many countries are increasingly focusing on the fraud prevention responsibilities of regulated entities. Companies may be obligated to share victims' losses if their responsibilities are not met. For instance, in late 2024, the UK will be the first in the world to mandate compulsory reimbursement from financial institutions (FIs) to victims, provided certain conditions are met, for transfers made through traditional payment rails (FPS and CHAPS).

Since then, other countries like Australia in early 2025 have introduced frameworks to address various types of APP fraud, requiring financial institutions, digital platforms, and telecommunications providers to prevent, detect, block, and report fraud, or face severe penalties for failing to protect customers. These efforts suggest a shifting perspective on who bears the responsibility and cost of APP fraud. In the future, cryptocurrency is likely to be included in such frameworks, as cryptocurrency usage continues to expand as a payment method, and transfers from fiat to cryptocurrency are already operating under such rules.

Simultaneously, public-private partnerships continue to play a crucial role in combating APP fraud. Regulators are now working more closely with blockchain analysis providers to gain more detailed insights into on-chain activities and detect fraudulent behavior early. Fortunately, there are no longer technical gaps for both private companies and public agencies. Solutions like Chainalysis Alterya enable real-time fraud risk identification and intervention before transactions are finalized. By adopting these tools, the cryptocurrency industry can shift from reactive loss recovery to proactive fraud prevention, fundamentally changing the fight against APP fraud.

Book a demo of the fraud detection solution Chainalysis Alterya here.

This website contains links to third-party sites that are not under the control of Chainalysis, Inc. or its affiliates (collectively "Chainalysis"). Access to such information does not imply association with, endorsement of, approval of, or recommendation by Chainalysis of the site or its operators, and Chainalysis is not responsible for the products, services, or other content hosted therein.

This material is for informational purposes only, and is not intended to provide legal, tax, financial, or investment advice. Recipients should consult their own advisors before making these types of decisions. Chainalysis has no responsibility or liability for any decision made or any other acts or omissions in connection with Recipient's use of this material.

Chainalysis does not guarantee or warrant the accuracy, completeness, timeliness, suitability or validity of the information in this report and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material.

The post Cryptocurrency-Related Fraud and Prevention Strategies appeared first on Chainalysis.