U.S., UK and Canada Launch Operation Atlantic to Hunt Approval-Phishing Crime Rings

TL;DR

• Operation Atlantic brings together U.S., UK and Canadian agencies to identify crypto users who already lost assets or remain at risk from approval-phishing scams.
• The scams rely on fake prompts that trick users into approving wallet access, allowing criminals to move funds through transactions that are typically irreversible.
• The operation builds on Project Atlas, targets scam-linked infrastructure, and warns users to distrust paid “recovery” offers after theft.

A new cross-border crackdown is taking shape around crypto fraud, and Operation Atlantic signals that approval-phishing scams are being treated as an international threat rather than isolated thefts. The joint effort brings together the U.S. Secret Service, the UK’s National Crime Agency, and Canadian authorities including the Ontario Provincial Police and the Ontario Securities Commission. The operation is focused on identifying victims who have already lost assets, as well as people still at risk, in schemes built around malicious wallet approvals. The scope alone suggests law enforcement believes these scams have scaled beyond opportunistic crime.

Approval phishing has become the fraud model authorities want to disrupt in real time

What makes the initiative notable is the specific attack method sitting at the center of the enforcement response. Approval-phishing scams commonly use fake pop-ups, warnings or notifications that appear to come from legitimate platforms, prompting users to approve wallet access. Once that permission is granted, criminals can move assets out rapidly, often through transactions that are irreversible. Authorities linked these schemes to broader crypto investment fraud, including pig-butchering tactics. In practical terms, the victim is not always hacked in the traditional sense. The victim is manipulated into authorizing theft.

The operation also reflects a more coordinated international playbook expanding beyond investigation into disruption and prevention. Officials said participating agencies are sharing investigative techniques, advanced tools and data to target websites, domains and other digital infrastructure tied to fraudulent activity. Private-sector partners are also involved, reinforcing that approval phishing often moves too quickly for any one agency or company to address. The campaign builds on Project Atlas, a 2024 Canadian-led initiative hosted by the Ontario Provincial Police, which law enforcement now appears to be using as a foundation for action.

The warning underlying Operation Atlantic is that crypto wallet fraud has become more sophisticated, more international and harder to unwind once funds are gone. Bonnie Lysyk of the Ontario Securities Commission said the operation shows how agencies are working across borders to confront scam risk. Regulators are also stressing investor education, especially around unfamiliar platforms and wallet permissions. The agencies added a caution: people claiming they can recover stolen crypto for a fee should be treated with suspicion. The message is blunt. Prevention matters more than recovery once approval is given.