The latest Bitget report, in collaboration with blockchain security firms SlowMist and Elliptic, reveals alarming details about the rise of advanced scams in the digital asset space. From AI-powered deepfake impersonations to Zoom-based phishing schemes, these scams are becoming increasingly sophisticated, leveraging artificial intelligence, social engineering, and Trojan job offers to exploit vulnerabilities in the Web3 ecosystem.
One of the most concerning revelations from the report is the increasing use of AI deepfakes to impersonate well-known figures in the crypto industry. These deepfakes, created using tools like Synthesia, ElevenLabs, and HeyGen, allow attackers to fabricate realistic videos and audio clips of prominent figures such as Elon Musk and Singapore’s Prime Minister Lee Hsien Loong, endorsing fraudulent cryptocurrency platforms.
In early 2025, Hong Kong police arrested 31 individuals involved in a deepfake scam syndicate, where perpetrators stole $34 million by impersonating crypto executives in fake investment calls. This was only one of 87 similar operations dismantled in Asia during the first quarter of the year, highlighting the global scale of this issue. These deepfake videos are distributed across social channels like Telegram, Twitter, and YouTube Shorts, often with comments disabled to maintain an illusion of legitimacy.
The report shows how attackers use these fabricated materials to promote fake platforms, often targeting individuals who trust the celebrities’ endorsements. This growing use of deepfakes represents a new frontier in crypto fraud, where it’s becoming increasingly difficult to distinguish between real and fake content.
Zoom-Based Scams: Hijacking Your Reality
Beyond deepfakes, another disturbing tactic involves the use of Zoom meetings as part of phishing schemes. In these scams, victims are invited to fake meetings with crypto executives who use deepfake avatars and fake credentials to build trust. During the meeting, scammers lure victims into downloading Trojan-laced software, which compromises their systems and steals sensitive data, including private keys and wallet information.
Once the software is downloaded, attackers can gain full access to browser data, cloud storage, and even private wallets. As SlowMist founder Cos pointed out, these scammers are highly persuasive, making it extremely difficult for victims to distinguish between a legitimate meeting and a fake one.
The ability to manipulate both video and audio with such precision underscores the growing sophistication of these attacks. Users are advised to be particularly cautious of any unsolicited Zoom meeting invites, especially those involving crypto transactions or investments.
Social Engineering and Malicious Smart Contracts
While deepfakes and Zoom scams may grab the headlines, social engineering remains one of the most effective tactics for crypto scammers. Bitget’s report highlights the rise of AI arbitrage bot scams, where fraudsters promise “easy profits” using ChatGPT-branded smart contracts. These scams often trick users into interacting with malicious code on fake platforms, resulting in funds being rerouted to scammer wallets.
The report also draws attention to Ponzi schemes in the crypto space, which have evolved into digital Ponzi schemes powered by smart contracts. Unlike the traditional Ponzi model, which relies on offshore bank accounts, these modern scams leverage on-chain tools to make their operations appear more legitimate.
These schemes often promote unsustainable yields and use influencers or anonymous promoters to seed hype on platforms like Telegram, Twitter, or X.
Despite their use of smart contracts, these scams are often poorly disguised, relying on obfuscated tokenomics and fake community-driven DAOs or staking protocols to attract victims. Unfortunately, the speed and virality of these schemes make them incredibly difficult to track or shut down.
The Role of Blockchain Security Firms in Combatting Scams
As the crypto space faces an increasing number of sophisticated scams, blockchain security firms like Elliptic and SlowMist are playing a crucial role in identifying and mitigating these threats. Bitget’s collaboration with these firms aims to track illicit fund flows and dismantle phishing infrastructures across multiple chains, providing an additional layer of security for crypto users.
To help users protect themselves, Bitget has launched a dedicated Anti-Scam Hub, which integrates real-time behavioral analytics to flag suspicious activity. The hub also promotes awareness campaigns that urge users to verify asset-related instructions through multiple channels before acting. The platform emphasizes that visual and auditory credibility is no longer enough to ensure the legitimacy of crypto transactions in today’s environment.
Given the rise in AI-powered scams, it’s important for users to remain vigilant. The report suggests several key practices to help safeguard crypto assets:
- Verify All Transactions Across Multiple Channels: Always cross-check instructions and information across trusted sources.
- Watch for Red Flags: Be cautious of any unsolicited offers or invitations, especially those from unknown sources.
- Use On-Chain Signatures: Adopt systems that broadcast on-chain signatures to ensure the legitimacy of transactions.
- Stick to Verified Communication Channels: Only engage with trusted platforms and avoid interacting with suspicious links or software.
The Growing Threat of Bad Actors in Crypto
These sophisticated scams are part of a broader trend in the crypto space, where bad actors are using advanced tactics to exploit both technical vulnerabilities and human psychology.
The rise of AI deepfakes, Zoom-based Trojan scams, and Ponzi schemes marks a worrying shift in how fraudsters are targeting users. As the industry grows, so too do the tactics used by bad actors.
The recent attack on Paraguayan President Santiago Peña’s Twitter account, where scammers posted a fake Bitcoin wallet address, serves as a reminder that crypto fraud is not just a technical issue but a social one as well.
Similarly, reports of North Korean IT workers bypassing KYC checks to funnel crypto earnings back to the regime for illicit purposes highlight the geopolitical risks that come with the rise of digital assets.