In 2024, the SEC increased its enforcement actions against crypto firms and imposed almost $4.7 billion in fines. This is an over 3,000% rise from 2023. The surge in enforcement comes at a time when crypto fraud losses are rising. Americans lost close to $5.6 billion to crypto scams in 2023 alone. Additionally, AI-powered deepfake scams are becoming a growing threat, and are targeting crypto holders with sophisticated attacks, including fake videos of well known people like Apple CEO Tim Cook.
SEC’s Record-Breaking Year
In 2024 so far, the United States Securities and Exchange Commission (SEC) imposed close to $4.7 billion in enforcement actions against crypto firms and executives. This is an over 3,000% increase from 2023.
The rise in enforcement actions was largely driven by the SEC's record-setting $4.47 billion settlement with Terraform Labs and its former CEO, Do Kwon, in June. This case is the SEC’s largest enforcement action to date, and contributed a big chunk to the regulator's total fines for the year.
Breakdown of yearly SEC enforcement actions and fines (Source: Social Capital Markets)
The SEC initiated 11 enforcement actions in 2024, and netted a staggering 3,018% increase from the $150.3 million in fines that were collected in 2023. The regulator managed this despite taking 19 fewer actions against crypto-related entities this year.
The total fines included forfeiture, disgorgement, civil penalties, settlement amounts, and prejudgment interest. By looking at these figures, it is clear that the SEC may be shifting its strategy toward fewer but more impactful cases. The regulator also seems to be focusing on more high-profile actions that set a precedent for the industry.
A historical comparison shows that the SEC’s enforcement actions in the crypto space have evolved quite a bit. For example, in 2019, the SEC imposed a $1.24 billion fine on Telegram which consisted of $18.5 million in civil penalties and $1.2 billion in disgorgement returned to investors. This case greatly increased the average fine in 2019 to over $70 million, which was a nearly 2,000% rise from previous years.
Average fine per year (Source: Social Capital Market)
Some other high-profile cases include enforcement actions of more than $100 million against GTV Media Group, Ripple Labs, and fraudsters John and Tina Barksdale. Despite the large fines in these notable cases, 46% of the fines since 2020 have still been below $1 million, with 30% falling in the $1 million to $10 million range.
Crypto Fraud Losses Surge
The fact that the SEC is increasing its scrutiny of the crypto sector might not be such a bad thing after all. In 2023, Americans lost $5.6 billion due to cryptocurrency fraud, which was a 45% increase from the previous year, according to the FBI's Internet Crime Complaint Center report.
Although crypto-related complaints made up 10% of the total complaints received, they accounted for almost 50% of the total financial losses. The report also revealed that among the 69,000 crypto-related complaints, people over the age of 60 were the most frequent victims, and suffered losses totaling almost $1.6 billion. Around 71% of crypto fraud was tied to investment schemes, while around 10% involved call center fraud and scams impersonating government officials.
IC3 complaints with reference to crypto (Source: FBI)
The FBI pointed out that many of the losses resulted from confidence schemes, in which scammers exploited trust and anonymity to steal funds. One key piece of advice the FBI shared was to be wary of investment opportunities from people never met in person, as scammers often avoid face-to-face interactions.
The FBI also warned people that Americans are vulnerable to labor trafficking, especially when they are lured into exploitative jobs abroad, like working in call centers running fraud operations like pig butchering scams, where workers may face passport confiscation and demands for repayment of employment-related expenses.
Other common fraudulent schemes include play-to-earn scams, where users are tricked into purchasing tokens for online games, only to have their wallets frozen. Businesses claiming to help recover lost crypto are also causing some problems and only end up further victimizing people.
Crypto ATMs, or kiosks, also present a serious risk for fraud. In 2023, 5,500 cases involving these kiosks resulted in losses of more than $189 million. Scammers favor these kiosks over banks because of the anonymity these machines offer, leading to a range of schemes, including government impersonation, extortion, romance scams, and customer service fraud.
Top crimes involving crypto kiosks (Source: FBI)
The FBI also shared that recovering funds lost through crypto kiosks is extremely difficult. Deputy Assistant Director of the FBI Criminal Investigative Division, James Barnacle, mentioned that the FBI notifies victims when it uncovers fraudulent activity. Out of 3,000 notifications sent, 75% of those contacted were unaware they were even defrauded.
AI-Powered Deepfakes Pose Growing Threat
Investors should also keep their eyes peeled for newer forms of fraud. As AI-powered deepfake scams become more widespread, security firms are warning that the threat could soon extend beyond video and audio.
On Sept. 4, software firm Gen Digital reported a concerning rise in AI deepfake scams that are targeting crypto holders in the second quarter of 2024. The group “CryptoCore” has already scammed over $5 million in crypto using these techniques. While this amount seems low compared to other methods in the crypto space, security experts are very concerned that AI deepfake attacks could become even more sophisticated and pose a growing risk to digital asset security.
Web3 security firm CertiK believes these AI-driven scams will continue to evolve and may soon target wallets using facial recognition to gain access to critical information. Education about the risks and tools available to counter these attacks is essential, and users should be more skeptical of unsolicited requests for money or personal information. Multifactor authentication can also help protect against such scams.
Luis Corrons from Norton is also concerned about the rise of AI-powered attacks on crypto holders. He pointed out that crypto transactions, which are often high in value and conducted anonymously, are an attractive target for cybercriminals. The lack of regulation in the crypto space also gives hackers more opportunities and fewer legal consequences.
Despite the growing threat, there are ways to detect AI-powered deepfake attacks. Security professionals suggest looking for red flags like unnatural eye movements, facial expressions, and body movements, along with a lack of emotion. Awkward body shapes, facial morphing, and misaligned audio can also signal that users are dealing with an AI deepfake.
AI Deepfakes of Apple’s Tim Cook Used in Crypto Scam
Experts’ concerns about deepfate technology are not unfounded. On Sept. 9, YouTube was flooded with live streams featuring deepfake videos of Apple CEO Tim Cook promoting crypto scams during Apple's official iPhone 16 launch event.
In these fake streams, an AI-generated version of Cook urged viewers to send Bitcoin (BTC), Ethereum (ETH), Tether (USDT), or Dogecoin (DOGE) to a specified “contribution address,” falsely promising that Apple will return double the amount of the crypto deposited. This scam is a variation of the common “double-your-money” fraud, where scammers keep the funds sent by unsuspecting victims.
The scam streams appeared to coincide with Apple’s “Glowtime” event, which was also live streamed on YouTube to unveil its new iPhone models. One of the fraudulent streams was broadcast from a channel mimicking “Apple US,” even displaying a legitimate verification tick to appear credible.
Videos and screenshots that were shared on X show that some of these bogus streams attracted hundreds of thousands of views, though many were likely from bots that are designed to make the stream seem more legitimate.
YouTube’s support team acknowledged the issue in a post on X, and encouraged users to report the fraudulent videos through the platform’s reporting tool. The scam videos have since been taken down, and the associated accounts have been closed.
