10 Crypto Scams in 2025: What UK Users Need to Know

Cryptocurrency adoption in the UK continues to grow despite market fluctuations and high volatility. Unfortunately, this growth also attracts fraudsters. In 2023, high-profile cases like the OneCoin pyramid scheme, which scammed $4 billion globally, highlighted the persistent risks. Additionally, £16 billion in Bitcoin has been lost to blackmail scams since 2018.

With the UK’s evolving regulatory landscape, including the Financial Conduct Authority’s (FCA) increasing oversight of crypto assets, it’s essential to stay informed about the latest crypto scams and how to avoid them.

Why Crypto Appeals to Fraudsters

Cryptocurrencies’ core features make them appealing to both legitimate users and criminals:

• Anonymity: Transactions on the blockchain often lack personal information, making it harder to trace criminal activity.
• Irreversible Transactions: Crypto payments typically cannot be reversed, complicating fund recovery.
• Regulatory Gaps: While the UK is tightening regulations, global inconsistencies still provide loopholes for scammers.
• Borderless Nature: International transactions hinder coordinated law enforcement efforts.
• Accessibility: Anyone with internet access can engage with crypto, making scams easier to perpetrate.

10 Crypto Scams to Watch in 2025

Cybercriminals deploy malicious software to encrypt victims’ data, demanding crypto payments for decryption. According to UK cyber intelligence sources, such attacks cost British businesses millions annually.

How to Protect Yourself:

• Implement robust cybersecurity measures.
• Use updated software and reliable VPNs.
• Regularly back up data securely.

Fraudsters claim to have compromising data on victims, threatening to release it unless crypto payments are made.

How They Work: Victims receive threatening emails claiming sensitive information has been stolen. Scammers demand payment in cryptocurrency to prevent exposure.

Prevention Tips:

• Never respond or transfer funds; it encourages further targeting.
• Update passwords regularly and enable two-factor authentication.
• Report incidents to the National Cyber Security Centre (NCSC) or Action Fraud

3. Crypto Phishing

Phishing scams trick victims into revealing private keys or login credentials via fake websites or emails that appear legitimate.

Common Tactics: Fake exchanges, wallet service providers, and urgent security alerts designed to prompt hasty actions.

Security Advice:

• Always use trusted, secure websites.
• Double-check URLs for slight variations.
• Enable multi-factor authentication (MFA) for all accounts.
• Never share private keys; reputable companies never ask for them.

4. Investment Scams

Scammers entice victims with fake investment schemes promising high, unrealistic returns. The FCA cautions UK investors to verify all firms via the Financial Services Register.

How They Operate: Victims are pressured to invest quickly with promises of guaranteed returns. After initial small returns to build trust, larger investments disappear.

Due Diligence Checklist:

• Verify the investor’s credentials on official registers.
• Be wary of unrealistic promises; if it sounds too good to be true, it likely is.
• Avoid rushed decisions; scammers thrive on urgency.
• Request comprehensive documentation and proof of legitimacy.

If you would like to know more about Customer Due Diligence, read our article What is Customer Due Diligence?

5. Fake Initial Coin Offerings (ICOs)

Fraudulent ICOs lure investors by promising groundbreaking technologies or products. Once funds are raised, scammers disappear without delivering.

Warning Signs:

• No clear roadmap or technical details.
• Unverifiable team members.
• Excessive hype without credible partnerships.

6. Impersonation Scams

Scammers pose as trusted entities such as celebrities, government agencies (like HMRC), or well-known businesses to solicit crypto payments.

Red Flags:

• Unsolicited contact from seemingly reputable sources.
• Requests for payments under false pretences (taxes, fees, etc.).
• Official agencies will never request cryptocurrency payments.

7. Giveaway Scams

Fraudsters promote fake giveaways, claiming victims can win large crypto amounts by sending a small amount first.

Spotting Fake Giveaways:

• Legitimate companies will never ask for upfront crypto payments.
• Verify promotions through official channels.
• Be cautious of social media posts from newly created or unverified accounts.

8. Romance Scams

Scammers build online relationships over months, eventually requesting crypto for fabricated emergencies or business opportunities.

How to Stay Safe:

• Remain cautious of anyone asking for financial help online.
• Conduct reverse image searches to verify identities.
• Discuss suspicions with friends or family before transferring funds.

9. Flash Loan Exploits

Unsecured flash loans on DeFi platforms are used to manipulate markets rapidly, often leading to significant losses for investors.

Protection Strategies:

• Avoid investing in platforms lacking transparent governance.
• Use DeFi services with robust security measures.

10. Pump-and-Dump Schemes

Fraudsters artificially inflate the price of crypto assets via coordinated social media hype, only to sell at the peak and leave late investors with worthless assets.

Warning Signs:

• Sudden, unexplained price spikes.
• Investment advice from unknown social media sources.
• Lack of credible information supporting the hype.

Spotting Red Flags

Crypto scams often involve:

• Promises of guaranteed returns.
• Lack of transparent information.
• Pressure tactics for quick decisions.
• Unsolicited messages or calls.
• Fake websites and unverifiable claims.
• Requests for personal information.

Protecting Yourself from Crypto Scams

1. Educate Yourself: Stay updated through credible UK crypto forums and news outlets.
2. Use FCA-Registered Platforms: Stick to regulated exchanges.
3. Verify Sources: Double-check any investment opportunity with trusted resources.
4. Secure Your Assets: Use hardware wallets and enable MFA.
5. Stay Sceptical: If it sounds too good to be true, it likely is.

Best Practices for UK Crypto Companies

• Employ layered security measures, including DDoS protection and encryption.
• Implement strong KYC solutions and AML procedures, aligning with UK regulatory requirements.
  • We suggest you read Guide to Performing AML Checks for insight on strong AML procedures.
• Educate users on best security practices.
• Conduct regular security audits.
• Collaborate with other exchanges to share threat intelligence.

Reporting Crypto Scams in the UK

If you encounter a scam:

• Contact Action Fraud: The UK’s national reporting centre for fraud and cybercrime.
• Inform the FCA: Particularly for scams involving investments.
• Report to Social Media Platforms: If scams are promoted online.

Provide detailed information, including transaction records and communication logs. Timely reporting can prevent further fraud and may help recover lost assets.