Operation Atlantic is a coordinated law enforcement campaign by the United States, the United Kingdom, and Canada targeting approval phishing and related crypto investment scams, aiming to stop fraud, secure victims’ funds, and recover stolen assets in near real time.
This week, law enforcement from the U.S., U.K. and Canada launched Operation Atlantic to track victims and block criminals who use approval phishing to steal crypto. The effort focuses on victims who have already lost assets or who are at imminent risk of loss through deceptive approval requests tied to investment scams. Teams are working to stop transfers before funds disappear into complex networks that make recovery difficult.
The operation is co-hosted by the U.S. Secret Service, the U.K.’s National Crime Agency, the Ontario Provincial Police and the Ontario Securities Commission, with other agencies and private industry partners joining in. That mix of federal investigators, provincial police, securities regulators and tech partners is meant to close gaps criminals exploit when they move money across jurisdictions. By combining legal authorities and technical tools, the partners aim to intervene quickly when suspicious approvals appear.
“Approval phishing and investment scams cost victims millions in financial loss each year,” said Brent Daniels, the Deputy Assistant Director for the U.S. Secret Service’s Office of Field Operations. “During Operation Atlantic, the U.S. Secret Service, alongside our international law enforcement partners, will identify and disrupt these scams in near real-time denying criminals the ability to further profit from their crimes.”
Law enforcement is acting against a massive backdrop of reported losses: the FBI logged more than $50 billion in crypto losses from 2020 to 2024. Those figures underline how lucrative and destructive these schemes can be when attackers trick people into surrendering control of wallets or authorizing transfers. Officials say the goal is both disruption and rapid victim support to limit damage once a scam is detected.
“Operation Atlantic is a strong example of the OSC’s commitment to working across borders to tackle the growing risks posed by scams,” said Bonnie Lysyk, Executive Vice President, Enforcement at the Ontario Securities Commission. “Through our partnerships with the OPP, UK National Crime Agency, and U.S. Secret Service we are using innovative techniques, advanced tools, and extensive expertise to disrupt bad actors and protect investors from the harm they seek to cause.”
Other participants include the Royal Canadian Mounted Police, the City of London Police, the U.S. Attorney’s Office for the District of Columbia, and the U.K.’s Financial Conduct Authority, with private sector firms collaborating closely. That public-private approach lets investigators trace transactions and freeze activity where possible, while industry partners help identify suspicious flows and block malicious infrastructure. Cross-border coordination is billed as essential because suspects and servers often sit in different countries.
“Approval phishing scams are becoming increasingly sophisticated. Operation Atlantic is designed to protect the public by warning people early and helping them secure their assets,” said Paul Foster, Deputy Director of Cyber at the UK’s National Crime Agency. “This joint international operation further enhances our strong partnerships. Criminals operate across borders, so our response must do the same.”
Operation Atlantic builds on techniques tested during Project Atlas, a 2024 Canadian-led operation that targeted international crypto investment fraud networks. Project Atlas showed how coordinated takedowns and disruption can break up fraud rings and slow cash flows to criminal accounts. Officials say lessons from that campaign shaped the rapid-response methods being used now.
“Project Atlas demonstrated the power of coordinated disruption. We’re proud to be part of Operation Atlantic, which builds on that approach by uniting international partners to take action in real time,” said Detective Superintendent Jennifer Spurrell, Director of the Financial Crimes Services Bureau at the Ontario Provincial Police. “As fraud becomes increasingly global, this level of collaboration is essential.”
Approval phishing typically tricks a user into approving a transaction or granting wallet permissions through a convincing pop-up, a fake alert, or a spoofed interface that looks like a real app or service. Once a user clicks approve, the attacker often gains full control of the wallet and can move funds instantly. Because blockchain transactions are immutable, victims usually cannot reverse transfers, and tracing funds through mixers and exchanges makes recovery slow and uncertain.
If someone believes they have been targeted or victimized by approval phishing, the U.S. Secret Service and partner agencies have an Operation Atlantic resource page and outreach channels where victims can seek guidance and report incidents to investigators. Officials stress reporting quickly, preserving screenshots and transaction details, and contacting law enforcement to maximize any chance of intervention.




