Three Countries United Against Crypto Phishing: Operation Atlantic Officially Launched

The U.S. Secret Service, the UK National Crime Agency (NCA), and the Ontario Securities Commission (OSC) in Canada officially announced the launch of “Operation Atlantic” on March 16, targeting cross-border efforts to combat authorized phishing scams in the cryptocurrency space. The initiative aims to identify victims, raise public awareness of scam techniques, and facilitate the recovery of stolen crypto assets.

Operation Atlantic: An International Collaboration Framework of Eight Agencies

(Source: Ontario Securities Commission)

“Operation Atlantic” expands upon the “Project Atlas” led by the Ontario Securities Commission (OSC). Project Atlas was jointly initiated by the Ontario Provincial Police (OPP) and the U.S. Secret Service in 2024. Operation Atlantic further extends cooperation to the UK and adds multiple agencies to the effort.

This operation involves the following law enforcement and regulatory agencies:

United States: Secret Service, District of Columbia Attorney’s Office

United Kingdom: National Crime Agency (NCA), City of London Police, Financial Conduct Authority (FCA)

Canada: Ontario Provincial Police (OPP), Ontario Securities Commission (OSC), Royal Canadian Mounted Police (RCMP)

Brent Daniels, Deputy Assistant Director of the U.S. Secret Service’s Field Operations Office, stated: “Cyber phishing and investment scams cause victims millions of dollars in losses each year.” The agencies emphasize that the core technology of this operation is near real-time detection and interception of scams, rather than just post-incident investigations.

Authorized Phishing Mechanism: From “Signing” to “Wallet Drained”

According to Chainalysis, authorized phishing (Authorized Phishing) is not traditional account and password theft but directly attacks on-chain authorization mechanisms of blockchain. Scammers trick victims into signing malicious smart contract transactions. Once signed, the scammer’s address gains permanent permission to spend specific tokens in the victim’s wallet, allowing them to drain all targeted tokens at any time without further contact with the victim.

This type of attack is highly covert: scammers often mimic legitimate DeFi protocols or wallet authorization pages. Victims unknowingly sign, leaving their assets vulnerable to theft, with some authorizations only activated weeks after signing.

In 2024, Chainalysis launched “Operation Spincaster” to identify on-chain features of such scams. Operation Atlantic upgrades the countermeasures into a formal cross-jurisdictional law enforcement collaboration spanning three legal territories.

Phishing Trend Data: Rising Attack Frequency, Significant Drop in Losses

Nominis, a cryptocurrency intelligence platform, reported in February that phishing attack frequency sharply increased, indicating expanding activity in this area. However, total losses from crypto-related scams and exploits in February dropped dramatically from $385 million in January to $49 million, a decrease of over 87%.

This data reflects a complex situation: increased attack frequency may suggest lower barriers and larger scale of scams, while the reduction in losses could be due to smaller target values per attack or improved industry-wide anti-fraud cooperation. Operation Atlantic was launched against this backdrop, focusing on preventing authorized phishing from spreading at scale.

Frequently Asked Questions

Q: What are the core objectives of Operation Atlantic?
A: Launched by the U.S. Secret Service, UK NCA, and Canadian OPP and OSC, the three main goals are: to identify victims who lost crypto assets due to authorized phishing, to raise public awareness of scam techniques, and to facilitate the recovery of stolen assets.

Q: How does authorized phishing differ from regular phishing?
A: Regular phishing typically involves stealing login credentials or private keys; authorized phishing tricks users into signing malicious on-chain transactions, granting scammers permanent permission to spend specific tokens from the wallet, allowing ongoing asset theft without further action from the victim, making it harder to prevent.

Q: What should I do if I have been targeted by crypto phishing scams?
A: Victims can report incidents through official channels of the U.S. Secret Service, UK FCA, or Ontario Securities Commission (OSC). These agencies state that reports will be kept confidential and victims may be eligible for recovery services and legal rights.