On March 12, CertiK, the world's largest Web3 security company, released the "Skynet Cryptocurrency ATM Fraud Report." The report reveals that losses from such scams have reached $330 million in 2025, a year-on-year increase of approximately 33%, making it one of the fastest-growing categories of financial crime in the United States.
The report points out that as the number of global cryptocurrency ATM devices continues to grow and criminal organizations increasingly leverage social engineering and AI technology to upgrade their fraudulent tactics, this criminal model has evolved from isolated cases into a highly organized transnational fraud industry.
Total Losses from Cryptocurrency ATM Fraud
Cryptocurrency ATMs Become a "Fast Lane" for Fraudulent Fund Transfers
Cryptocurrency ATM fraud refers to a scheme where scammers, via phone calls, text messages, or online social engineering, induce victims to withdraw cash and deposit it into a cryptocurrency ATM. The funds are then converted into digital assets and transferred to wallet addresses controlled by the scammers.
There are currently about 45,000 cryptocurrency ATMs globally, with 78% located in the United States. Users can typically complete the cash-to-cryptocurrency conversion and transfer within 5 minutes, a feature that makes these machines an ideal channel for criminal groups to move funds.
Unlike traditional cryptocurrency attacks, this type of crime does not rely on account intrusion or hacking but instead uses social engineering to trick victims into initiating the operations themselves. Once a transaction is recorded on the blockchain, the funds are almost impossible to recover.
From a technical architecture perspective, cryptocurrency ATMs act merely as front-end terminals connected to back-end crypto application servers (CAS). All transactions are completed through the operator's mixed hot wallets for fund transfers. On-chain records only show transfers from the operator's wallet to the target address and do not record the depositor's identity information. This structure creates a "tracing gap," posing significant challenges for law enforcement investigations.
Elderly Population Accounts for 86% of Total Losses, Protective Warnings Prove Ineffective
The most alarming data in the report highlights the extreme vulnerability of the elderly demographic in this type of fraud. Data shows that 86% of all cryptocurrency ATM fraud losses in the U.S. in 2025 came from people aged 60 and above. A lawsuit filed by the Washington D.C. Attorney General against U.S. ATM operator Athena Bitcoin pointed out that 93% of the deposits at the company's local ATMs were linked to fraudulent crimes, with the median victim age being 71 and the median loss per transaction reaching $8,000.
The report outlines the mainstream types of fraud, whose core objectives are to induce strong emotional fluctuations in victims, impairing their rational judgment; isolate victims from potential helpers; and guide them in real-time through the entire process of cash-to-cryptocurrency conversion.
Classification of Cryptocurrency ATM Fraud Methods
"When victims are on a live call with scammers, on-screen warning prompts simply cannot serve as an effective deterrent," the report states. Current protective measures at the ATM level are largely ineffective. Scammers maintain real-time communication with victims throughout the entire process of withdrawing cash and operating the ATM, not only guiding them to bypass on-screen warnings but also prepping them with uniform excuses—such as home renovations or family emergencies—to use in response to inquiries from bank staff, thereby completely cutting off external intervention.
AI Technology is Reshaping Fraud Patterns
The report also notes that AI technology is accelerating the evolution of fraudulent methods. In 2025, AI-driven scams were approximately 4.5 times more profitable than traditional methods. Criminal organizations are beginning to use AI voice cloning, deepfake videos, and automated scripts to carry out more targeted social engineering attacks.
Meanwhile, to evade transaction limit policies gradually being introduced by regulators worldwide, fraud networks are also adopting a "divide and conquer" strategy. This involves inducing a large number of victims to make small transactions across different ATMs, thereby maintaining the overall scale of criminal profits while avoiding regulatory scrutiny.
Industrialized Operations of Transnational Criminal Networks
The report reveals that cryptocurrency ATM fraud has evolved from isolated cases into highly organized transnational criminal operations. Criminal organizations employ an industrialized operational model with a detailed division of labor, encompassing data collection, social engineering scams, and fund transfer and money laundering, among other stages.
The increasing efficiency of the money laundering环节 (stage) further amplifies the harm caused by this type of crime. In 2025, Southeast Asian money laundering networks processed approximately $16.1 billion in illicit cryptocurrency funds, accounting for 20% of the traceable global cryptocurrency ecosystem involving illegal activities. These networks operate via Telegram coordination and can settle large transactions within two minutes. After victims deposit cash, the funds are typically routed through mixing services, cross-chain bridges, and decentralized exchanges for multi-layer obfuscation within minutes. Often, the funds have left the traceable scope of the regulatory system before the victim has even ended the scam call.
Transaction Entry Point as a Critical Control Node
In response to the current threat landscape, the report concludes with systematic prevention and control recommendations. It identifies the transaction entry point at the CAS level as the only effective intervention node in the cryptocurrency ATM fraud chain—real-time screening and risk verification of target wallet addresses must be completed before the transaction is recorded on the blockchain.
Simultaneously, the report proposes specific measures for consumers, operators, and law enforcement agencies: consumers need to be wary of any陌生来电 (strange calls) requesting payment via cryptocurrency ATMs; operators need to implement tiered KYC, industry-wide intelligence sharing, and pre-transaction risk checks; law enforcement agencies need to enhance blockchain analysis capabilities and promote unified legislation and cross-border law enforcement cooperation.
"The reported $330 million loss in 2025 only reflects the tip of the iceberg of the actual harm," the report warns in its conclusion. As new methods such as AI deepfakes, automated cross-chain money laundering, and "divide and conquer" small transactions become more prevalent, the threat of cryptocurrency ATM fraud will continue to escalate. Only through coordinated efforts in technology, regulation, and law enforcement can the criminal chain be severed within the shrinking intervention window to protect financial consumers, especially the elderly population, from property loss.
Report link: https://indd.adobe.com/view/bfb98f74-c308-4f0d-b9eb-c3bdb86e2785
