Warning

Please be vigilant about TRM impersonation scams, especially those claiming to assist with fund recovery. More info

Solutions
Products
RESOURCES
Customers
Company
Request a demo
en
Search
Search
Foundations
November 27, 2025

How Does Blockchain Intelligence Help Prevent Scams and Fraud?

TRM BlogFoundationsFoundations
How Does Blockchain Intelligence Help Prevent Scams and Fraud?

Over the last several years, cryptocurrency fraud has grown into one of the world’s most damaging forms of organized crime. What began as isolated phishing schemes has evolved into an industrial-scale network of deception: online compounds staffed by trafficked workers, coordinated across borders, and responsible for billions in losses. 

TRM has tracked roughly USD 53 million tied to crypto-related scams since 2023 — a figure that almost certainly represents only a fraction of the true scale, given how significantly these crimes are underreported.

These operations don’t just defraud individuals — they destabilize communities, exploit human beings, and fund transnational criminal enterprises. The US government has called this “a global crime wave hidden in plain sight.”

Stopping that wave requires the same transparency and technology that built the digital asset ecosystem in the first place. Blockchain technology, when combined with advanced analytics and public-private collaboration, provides an unprecedented opportunity to detect, disrupt, and deter fraud at scale.

TRM Labs plays a central role in that effort; powering the data, tools, and partnerships that help both the public and private sectors identify and disrupt scam operations — and prevent more individuals from falling victim to scams and fraud.

{{horizontal-line}}

How has crypto-enabled fraud evolved in recent years?

Crypto-enabled fraud has evolved from small, opportunistic scams into large-scale, organized operations that use sophisticated social engineering, cross-chain laundering, and increasingly, artificial intelligence (AI)-driven automation. These schemes now operate like industrialized fraud networks — running long-con manipulation campaigns, leveraging deepfakes and AI agents, and moving funds rapidly across multiple blockchains to evade detection.

In 2024 alone, Americans lost almost USD 10 billion to crypto-related scams — a 66% increase over the previous year. While the scams vary in form, most share a common structure: deception, manipulation, and social engineering combined with the speed and borderlessness of blockchain.

The most damaging typologies include:

  • Pig-butchering scams, in which victims are “fattened” through long-term social or romantic manipulation before being convinced to invest in fake crypto platforms
  • Investment and trading fraud, promising unrealistic returns on platforms designed to mimic legitimate exchanges
  • Impersonation scams, where criminals pose as government officials or trusted companies to extract “taxes” or “fees” from victims
  • Giveaway and refund scams, exploiting social media and phishing campaigns to harvest private keys or wallet access

Behind many of these schemes are large compounds in Burma, Cambodia, and Laos — physical facilities where trafficked workers are forced to conduct online fraud under threat of violence.

{{blogad-investigatingcryptoscams-flipbook-1}}

The rise of AI-enabled scams and fraud

While crypto-enabled fraud hasn’t fundamentally changed in type, AI has supercharged its scale and efficiency. In fact, we have seen a 456% increase in AI-enabled fraud and scams in the last year. The malicious actors behind pig butchering and romance scams, fake investment platforms, and executive impersonation schemes are becoming more sophisticated in their use of technology and using generative AI to industrialize their operations. 

Fraud rings deploy LLMs to run hundreds of simultaneous conversations, generate flawless multilingual scripts, and build convincing fake dashboards that simulate trading activity or Know Your Customer (KYC) flows. Deepfake video and voice cloning have also transformed impersonation fraud, enabling scammers to mimic executives, celebrities, or loved ones with high fidelity and drive victims toward irreversible crypto payments.

AI hasn’t created new forms of crypto fraud so much as it’s made the existing ones dramatically more believable, more personalized, and easier to scale. It now sits across the entire fraud lifecycle — from targeting and social engineering to funnel optimization and cash-out — making crypto the preferred monetization rail for a growing class of AI-driven crime including account takeovers, synthetic ID operations, voice-clone ransom scams, and ransomware campaigns. 

Blockchain intelligence tools like TRM Labs are critical in combatting crypto scams and fraud — giving enforcement teams visibility into on-chain behavior and encouraging inter-agency collaboration to identify and disrupt these bad actors before more innocent people become victims.

{{horizontal-line}}

How is the US taking a “whole-of-government response” to fighting crypto fraud?

Recognizing the scale of the threat, in November 2025, the US Department of Justice (DOJ) announced the creation of the Scam Center Strike Force — a coordinated initiative to dismantle transnational scam operations. The Strike Force includes agents and prosecutors from the DOJ Criminal Division, the US Attorney’s Office for the District of Columbia, the Federal Bureau of Investigation (FBI), the US Secret Service (USSS), and the Drug Enforcement Administration (DEA).

The initiative is explicitly focused on Southeast Asian scam compounds, targeting the leadership, financial facilitators, and infrastructure that support them. Treasury’s Office of Foreign Assets Control (OFAC) simultaneously sanctioned armed groups and companies linked to these networks, including the Democratic Karen Benevolent Army (DKBA) and associated entities, citing their role in human trafficking and cyber fraud.

These efforts represent a whole-of-government strategy — combining law enforcement, sanctions, financial intelligence, and international coordination to cut off the financial lifelines of global scam networks.

TRM Labs provides the blockchain intelligence layer supporting this response. Our tools allow agencies to map the flow of illicit funds, identify the intermediaries connecting scammers to exchanges, and help freeze assets in real time.

{{horizontal-line}}

How do crypto fraud detection tools work?

Crypto fraud detection tools work by analyzing on-chain transaction patterns, wallet behavior, and cross-chain fund flows — enriched with off-chain intelligence — to identify suspicious activity that matches known scam typologies or anomalous behavior. Using machine learning, risk scoring, and real-time monitoring, these systems flag high-risk wallets and transactions so exchanges, fintechs, and law enforcement can intervene before funds are lost or laundered.

How blockchain intelligence builds a complete, multi-source fraud signal

Blockchain intelligence tools like TRM can help identify and disrupt scams by transforming fragmented signals of illicit activity into a unified risk picture. Every scam — from pig butchering to phishing drainers — leaves distinct behavioral traces on-chain. The challenge is surfacing those traces early, especially as scammers increasingly automate their operations with AI.

TRM’s platform fuses three essential data layers to create a 360-degree view of fraud activity:

  • On-chain data: transaction graphs, wallet clustering, cross-chain movement patterns, smart contract interactions, and protocol-level behavior
  • Off-chain intelligence: exchange records, bank and fintech reports, sanctions designations, leaked infrastructure associated with crime groups, and open-source investigations
  • Crowdsourced community data: real-time submissions from TRM’s Chainabuse network, giving early visibility into active scam campaigns and impersonation attempts

By bringing all of this intelligence together, TRM can detect early-warning indicators of fraud — such as clusters of newly created wallets interacting with victims, coordinated token swaps designed to obfuscate proceeds, or repeat scam signatures across chains and assets. This data fusion is critical for identifying fraud patterns that would be invisible using on-chain data alone.

The role of machine learning and AI in behavioral scam detection

Blockchain intelligence now relies heavily on AI and machine learning to constantly monitor, classify, and predict fraud activity. TRM’s detection engine uses both supervised models (trained on confirmed scam cases) and unsupervised anomaly detection (to surface entirely new patterns).

These models analyze billions of transactions to identify fraud behaviors such as:

  • Abnormal velocity patterns: rapid inflows of small payments consistent with pig-butchering cash-ins or drainer sweeps
  • Circular fund movements: repeated transfers across newly created wallets designed to break heuristics or mimic normal user activity
  • Scam clustering signals: fund consolidation into a small set of operational wallets, followed by quick exits through mixers, bridges, or liquidity pools
  • Cross-chain laundering: bridging activity through high-risk protocols or low-liquidity chains frequently used by scam operators

When these patterns match known fraud typologies — or trigger high-confidence anomalies — TRM assigns dynamic risk scores and generates alerts. This enables exchanges, financial institutions, and law enforcement to respond before scammers fully cash out, rather than after losses are finalized.

How real-time monitoring and alerting drives disruption

Crypto fraud evolves quickly, often generating thousands of transactions in a matter of hours. To stay ahead, TRM’s platform performs continuous, real-time monitoring across multiple blockchains and high-risk protocols. As soon as a wallet is associated with scam activity, the risk signal propagates across any graph created in TRM, instantly flagging related addresses, fund flows, and newly emerging clusters.

For exchanges, fintechs, and compliance teams, this means:

  • Proactive withdrawal controls: blocking or delaying transactions linked to high-risk wallets
  • Account protection: freezing compromised accounts before funds leave the platform
  • User safety warnings: surfacing alerts to customers if they attempt to send funds to a known scam address
  • Law enforcement support: mapping full scam networks, tracing cash-out infrastructure, and enabling asset freezes

This real-time feedback loop transforms fraud detection from reactive to preventive — allowing institutions to stop scams in-flight rather than simply document the damage.

The role of human intelligence and victim reporting in scam and fraud prevention

Technology alone cannot stop scams. Victim reporting and public awareness are essential. That’s why TRM created Chainabuse, the industry’s first community-based platform for reporting crypto scams and illicit activity. Victims, investigators, and exchanges can submit reports tied to known fraudulent wallet addresses, transaction hashes, or URLs.

Each submission enriches TRM’s dataset and helps others avoid similar schemes. When multiple users report the same wallet, it is flagged in TRM’s risk database — allowing platforms across the ecosystem to freeze malicious interactions, and helping law enforcement teams link multiple reports of the same scam.

Chainabuse serves as a real-time crowdsourced warning system, bridging the gap between affected users and professional investigators.

Why public-private partnerships are critical in scam and fraud disruption

No single institution can dismantle transnational fraud networks alone. Beacon Network is the industry's first real-time tracking and enforcement network — helping law enforcement, crypto exchanges, DeFi services, and stablecoin issuers stop illicit funds before they are withdrawn.

Through Beacon Network, agencies and institutions share typologies, indicators of compromise, and case learnings in near real time — without exposing sensitive data.

For example:

  • When investigators in Southeast Asia identify a new scam wallet cluster, Beacon allows that information to be shared immediately with US partners
  • Exchanges and payment processors receive risk indicators, allowing them to block new accounts linked to the same network
  • Regulators can track exposure across jurisdictions, aligning enforcement and policy responses

Beacon Network operationalizes public-private collaboration — turning insights into action and data into disruption.

{{horizontal-line}}

Frequently asked questions (FAQs)

1. What is crypto-enabled fraud and why is it increasing?

Crypto-enabled fraud refers to scams that use digital assets or blockchain networks to deceive victims, move illicit funds, or impersonate trusted entities. It has increased rapidly as organized fraud networks adopt AI tools, social engineering, and cross-chain laundering to scale operations and evade detection.

2. How has artificial intelligence changed the way scammers operate?

AI has industrialized online fraud by enabling scammers to run multilingual romance and investment schemes at scale, generate deepfake impersonations, and automate fake trading dashboards or KYC flows — resulting in a 456% rise in AI-enabled scams last year, according to research from TRM Labs.

3. How do blockchain intelligence tools detect crypto scams?

Blockchain intelligence tools detect scams by analyzing on-chain transactions, wallet clusters, and cross-chain movements — combining them with off-chain data such as exchange records, sanctions lists, and community reports. Machine learning models identify suspicious patterns linked to known scam typologies and generate alerts before funds are lost or laundered.

4. What are the most common types of crypto scams today?

The most common scam typologies include pig butchering (romance investment fraud), fake trading platforms, impersonation scams targeting taxes or fees, and social media giveaway or refund scams designed to steal wallet credentials or private keys. Many of these schemes are run from organized compounds in Southeast Asia.

5. How are governments and industry partners fighting crypto fraud?

The US is taking a whole-of-government approach — including the DOJ’s Scam Center Strike Force and OFAC sanctions targeting Southeast Asian scam networks — while private sector partners like TRM Labs provide blockchain intelligence to help map fund flows, identify intermediaries, and freeze illicit assets in real time.

This is some text inside of a div block.
TRM Team

Related posts

arrow right
BLOG
November 26, 2025

The Fundamentals of Cryptocurrency Transaction Tracing

arrow right
BLOG
August 26, 2025

What is the Best Blockchain Intelligence Tool in 2025?

No posts to show
No posts to show
No posts to show
arrow right
GUIDE
August 29, 2025

Investigating Crypto Scams | Flip Book

No posts to show

Access our coverage of TRON, Solana and 23 other blockchains

Fill out the form to speak with our team about investigative professional services.

Services of interest
Select
Transaction Monitoring/Wallet Screening
Training Services
Training Services
 
By clicking the button below, you agree to the TRM Labs Privacy Policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Subscribe and stay up to date with our insights
No items found.
3D illustration of a blue magnifying glass hovering over a digital fingerprint on a dark background, symbolizing crypto investigations or forensic analysis.
FLIP BOOK
Learn more about common crypto-enabled scam typologies in our "Investigating Crypto Scams" flip book
Get your copy →
Illustration of a stablecoin represented by a dollar symbol surrounded by icons for growth, risk alert, user profiles, and a security shield with a target, connected through a network of hexagons — symbolizing the interconnected risks and compliance considerations in digital asset ecosystems.
USE CASE
Learn how TRM helps compliance teams monitor exposure, detect threats, and safeguard their organizations
TRM for stablecoin risk management →
A worn silver wrench tool on a brown-red background, as a metaphor for violent crime
BLOG
Learn about the recent rise of "wrench attacks" and crypto-related violent crime
Read the post →
Illustration of a financial institution icon and a compliance document with checkboxes, symbolizing regulatory due diligence and financial compliance in the digital asset ecosystem.
GUIDE
Learn best practices for evaluating the legal, operational, and financial integrity of crypto entities before engagement
Get the guide →
A judge's gavel rests beside a stack of gold-colored cryptocurrency tokens, including Bitcoin, Dogecoin, Ethereum, and others, symbolizing the intersection of digital assets and regulatory or legal oversight.
REGULATORY ACTION TRACKER
Stay updated on the latest crypto-linked regulatory actions available in the public domain
Check it out →
Screenshot of the splash page used by law enforcement agencies following the takedown of Garantex, with bold red lettering reading, "This domain has been seized," along with the logos of various international law enforcement agencies involved in the action.
BLOG
Learn more about the global law enforcement operation that took down Garantex
Read the post →
Illustration of cryptocurrency crime on a dark blue background featuring bright blue and white blockchain symbols (including Bitcoin and TRON), financial graphs, and a hacker icon.
REPORT
2025 Crypto Crime Report: Explore how the crypto crime landscape evolved over the past year
DIG IN NOW →
Bright blue fiber optic cables on a dark blue background, with flashes of white sparks interspersed throughout.
REPORT
As AI technology becomes more sophisticated, so will the ways in which criminals use it. See what TRM is doing to counter AI-enabled crime.
FIGHT AI WITH AI →
Illustration of cryptocurrency crime on a dark blue background featuring bright blue and white blockchain symbols (including Bitcoin and TRON), financial graphs, and a hacker icon.
REPORT
The crypto crime landscape saw significant shifts in 2024, including decreases in illicit volumes. Dig into the data here.
PREVIEW THE CRYPTO CRIME REPORT →
Cork board with mugshots of Heather "Razzlekhan" Morgan and Ilya Lichtenstein, with their names written in handwritten script below their photos, and push pins on the board connected by red string.
DOCUMENTARY
Stream “Biggest Heist Ever” and get a behind-the-scenes peek from the TRM team
CHECK IT OUT →
A light blue two dimensional circle (representing a stablecoin) floating against dark blue and white curved lines (representing waves), with thin dotted blue and white lines overhead to represent wind.
REPORT
Explore the macro trends and jurisdictional developments that shaped the global crypto policy landscape in 2024
READ THE REPORT →
Illustration on a dark blue background showing a bug and exclamation mark (representing illicit activity), a globe with pin points, a coin, and a bar chart.
REPORT
See the countries with the highest rates of crypto adoption — and the highest rates of exposure to illicit activity
READ THE REPORT NOW →
A blue rectangle with geometric shapes in the background and dots connected by thin lines in the foreground, representing connections on the bockchain.
WHITE PAPER
Explore four ways TRM improves compliance in the modern sanctions enforcement era
Download the white paper →
Illustration of a pig butchering chart featuring various cryptocurrency logos in each section, with a bright blue sheriff's badge on top, symbolizing law enforcement's role in combating fraud.
CASE STUDY
See how Deputy District Attorney Erin West and the REACT Task Force are fighting back against pig butchering
WATCH THE VIDEO →
Illustration of an eye, skull and crossbones, and a pie chart on a light blue background, symbolizing the dangers of crypto scams and financial fraud.
REPORT
Explore the key trends that shaped that the illicit crypto economy in 2023
GET THE REPORT →
Close-up photograph of the United States Capitol building with snow falling
BLOG
Learn why cryptocurrency has become a central issue in the 2024 US election
READ THE POST
Illustration of a Russian doll toy containing a ransomware attack inside the smallest one
REPORT
Take a deep-dive into the Russian-speaking illicit crypto ecosystem
READ THE FULL REPORT
Outline of pig with law enforcement shield overlaid
Case Study
Learn more about how the REACT Task Force is tackling pig butchering
Read the case study
Illustration of a Russian doll toy containing a ransomware attack inside the smallest one
REPORT
Explore recent ransomware trends in the Russian-speaking crypto ecosystem—including the role of ransomware groups in cybercrime around the world
GET THE REPORT
Person typing on a laptop keyboard with dark blue filtered overlay
BLOG POST
Learn about summer 2024’s spate of ransomware attacks, and the proliferation of RaaS around the world
READ THE POST
REPORT
Learn about cryptocurrency’s role in the international synthetic drug precursor market
GET THE REPORT