AI-driven crypto scams hit $17bn, forcing return to old controls
A surge in AI-powered crypto fraud is rendering visual verification obsolete, pushing wealth managers to enforce strict financial controls and programmable wallets to safeguard assets.
Cryptocurrency scams extracted an estimated $17 billion from victims in 2025, a surge driven by artificial intelligence that has fundamentally altered the economics of digital fraud. According to blockchain analytics firm Chainalysis, scam operations utilizing AI tools were roughly 4.5 times more profitable than those without. This efficiency pushed the average scam payment to $2,764—triple the previous year—while the FBI reported a record $20.9 billion in overall cybercrime losses, with crypto as the primary payment channel.
The technology has shifted fraud from a high-volume phishing game to highly targeted impersonation. Chainalysis recorded a roughly 1,400% increase in impersonation scams as cheap deepfake video and voice cloning allow bad actors to mimic fund principals or financial advisors on live calls. Additionally, AI-sustained "pig butchering" investment schemes, which cost victims $7.2 billion in 2025, can now automate weeks of relationship-building across countless targets simultaneously.
For wealth managers and institutional investors, this renders visual or auditory verification obsolete. The most reliable defense is not getting better at spotting fakes, but enforcing foundational financial controls. Advisors must implement dual authorization for asset movement and out-of-band verification—such as calling a pre-agreed number—for any instruction to transfer funds or change a wallet address.
Independent reconciliation serves as a critical backstop. Because crypto balances are verifiable on-chain, a third party can regularly reconcile client holdings against the blockchain to catch unexplained discrepancies early. Furthermore, advisors are leveraging the digital-asset accounting standard ASU 2023-08 to demand stricter custodian diligence, reviewing SOC reports, proof of reserves, and asset-segregation practices.
Automating the defense
Technology can still support these efforts, provided it does not act as an autonomous decision-maker. Granting AI agents direct, unmitigated wallet permissions creates a massive attack vector. Instead, Varun Choudhary, CEO of ORO, recommends money managers transition from legacy externally owned wallets to programmable smart accounts using frameworks like ERC-4337 or EIP-7702.
This infrastructure allows firms to write automated, programmatic security guardrails directly at the account level. It enables continuous monitoring of wallet behavior, contract risks, and transaction limits, with human escalation for any abnormal activity. In a market where nearly anything can be convincingly imitated, a verified, multi-step process remains the only unforgeable asset.