Canadian Crypto Scam Victim Hit Twice as Fraudsters Pose as Police in ‘Recovery’ Ruse
Canadian authorities are sounding the alarm over a new twist on crypto fraud: scammers are now impersonating federal police and offering to “recover” stolen digital assets-only to attempt to steal even more.
The alert comes after a resident of Nanaimo, British Columbia, fell victim to two separate schemes within months: first to a bogus crypto job offer, then to a follow‑up approach framed as official help from the Royal Canadian Mounted Police (RCMP).
How the first scam unfolded
Late last year, the Nanaimo resident received an unexpected text message advertising what looked like a lucrative remote stock‑trading position. The job pitch was simple: the person was told they could earn money by following trading instructions provided by the “employer,” but to get started, they needed to fund an account using cryptocurrency.
The supposed employer insisted that the initial deposit had to be made through a crypto ATM kiosk. Trusting the instructions, the victim loaded around 5,000 Canadian dollars’ worth of cryptocurrency-about 3,600 U.S. dollars-into the machine and sent it to a wallet address controlled by the scammers.
Once the funds were transferred, communication abruptly stopped. Messages went unanswered, contact channels went silent, and the promising “job” evaporated. By the time the victim realized what had happened, the crypto had already been moved beyond reach, a common pattern in such schemes.
The second blow: a ‘police’ offer to help
Months later, the same victim encountered what appeared to be a stroke of luck: an online notice that looked like an official RCMP public alert. The message urged people who had been defrauded in crypto schemes to report their cases and suggested there might be a way to recover lost funds.
Believing the notice to be genuine, the victim responded. On the other end, however, was not law enforcement but another group of fraudsters who had copied RCMP branding and language to appear legitimate.
According to police, the impersonators claimed they could help track and recover the missing crypto, but only if the victim cooperated closely and followed their instructions. In many such recovery scams, targets are asked to provide personal information, bank details, further crypto payments for “fees” or “verification,” or remote access to their devices-steps that can lead to additional financial losses or identity theft.
Police warn of sophisticated use of RCMP branding
Canadian police say this case is part of a broader pattern: criminals are exploiting the trust people place in official institutions by mimicking RCMP logos, colors, and communication styles in emails, messages, and social media posts.
The use of authentic‑looking graphics and formal language makes it harder for victims-especially those already under emotional stress from a previous loss-to distinguish real outreach from fraudulent contact. Authorities emphasize that while the RCMP does investigate fraud, officers do not cold‑contact victims via online messages promising crypto recovery, nor do they demand upfront payments in digital assets.
Why victims of crypto fraud are targeted again
Once someone has been defrauded in a crypto scheme, their details may be shared, sold, or traded among criminal networks. That makes them especially vulnerable to “recovery scams” that capitalize on desperation and hope.
These secondary schemes often follow a predictable pattern:
– The victim is told their case has been flagged by law enforcement or a security firm.
– The fraudsters claim they have traced the stolen funds or identified the perpetrators.
– They promise to retrieve the money if the victim pays a fee, covers “court costs,” or verifies their wallet by sending another transaction.
– In some cases, they ask for identification documents or banking credentials, opening the door to even more serious financial damage.
Authorities stress that the existence of a prior loss does not make a promise of recovery any more credible; in fact, it often indicates the opposite.
The role of crypto ATMs in modern scams
Crypto ATMs have become a favored tool for scammers because they blend the familiarity of a traditional cash machine with the speed and anonymity of digital assets. Fraudsters typically instruct victims to:
– Withdraw cash from their bank,
– Deposit it into a nearby crypto ATM,
– Then send the purchased coins to a specific wallet address displayed as a QR code or provided in a text.
Unlike credit card payments or many bank transfers, crypto transactions are typically irreversible. Once the coins leave the machine and arrive at the scammer’s wallet, reclaiming them is extremely difficult, especially if the funds are quickly moved through multiple wallets or converted across different cryptocurrencies.
Because of this, police and consumer protection agencies increasingly urge the public to treat any request to pay using a crypto ATM-particularly from strangers, unsolicited contacts, or supposed authorities-as a critical red flag.
How to recognize a fake “recovery” offer
Fraudsters who pose as police, regulators, or recovery specialists often share common traits. Warning signs include:
– Unsolicited contact: You receive an email, text, or message out of the blue about a past scam, even if you never filed an official report.
– Use of pressure and urgency: They claim you must act quickly or lose your chance at getting the money back.
– Requests for more money: They ask you to pay upfront for legal fees, taxes, transaction costs, or “anti‑money‑laundering verification.”
– Demands for crypto, gift cards, or wire transfers: Legitimate agencies do not require payment via untraceable methods.
– Links or attachments that look suspicious: They push you to click files, install software, or share remote access to your device.
– Inconsistent or unverifiable contact information: Phone numbers and email addresses do not match those listed on official government channels.
If any of these appear, the safest course is to cut contact and independently verify the claim using trusted, official contact points.
What legitimate authorities actually do-and don’t do
Law enforcement may invite the public to report fraud, but their procedures differ sharply from scam operations:
– Investigators may gather statements and documentation, but they do not promise full recovery of funds.
– They do not require victims to send additional money in order to investigate.
– They do not demand private keys, seed phrases, PIN codes, or direct control of your wallets.
– Any communication will typically direct you to known government websites, phone numbers, or physical offices, not to obscure portals or payment addresses.
Understanding this difference helps victims distinguish real investigative efforts from fraudulent “recovery” services.
Practical steps if you’ve already been scammed
For anyone who has lost money in a crypto scheme, including job offers and ATM‑based frauds similar to the Nanaimo case, several steps can reduce further harm:
1. Stop sending funds immediately: Do not attempt to “chase” the lost money by following new instructions from the same contact.
2. Collect evidence: Take screenshots of messages, transaction IDs, wallet addresses, and the original advertisement or text.
3. Report the crime: Use official police channels or fraud reporting centers in your jurisdiction. Provide as much detail as possible.
4. Inform your bank or card provider: If any bank details were shared, notify your institution to monitor for suspicious activity.
5. Secure your devices and accounts: Change passwords, enable two‑factor authentication, and run security checks if you installed any software at a scammer’s request.
6. Be wary of follow‑up contact: Expect that scammers may try to reach you again, especially if your case has already been discussed online or reported.
Preventing future losses: best practices for crypto users
With digital assets now widely used for investment, trading, and payments, basic safety rules are becoming as essential as traditional banking security. Key precautions include:
– Treat unsolicited offers with suspicion: High‑paying “remote jobs” that require crypto deposits, or trading programs promising guaranteed returns, are almost always fraudulent.
– Verify employers and platforms: Before sending funds, research the company’s registration, contact details, and reputation. Look for genuine, long‑standing operations rather than freshly created identities.
– Avoid mixing work and personal wallets: If a supposed employer demands that you use a specific wallet or address they control, that is a significant warning sign.
– Question any demand for secrecy: Scammers often tell victims not to discuss the arrangement with family, banks, or authorities. Legitimate businesses do not require such secrecy.
Why emotional vulnerability is part of the scam
Fraud involving employment and investment promises exploits more than technical gaps; it targets human emotions. Economic pressure, the desire for flexible work, and fear of missing a financial opportunity make people more receptive to risky propositions.
Once a loss has occurred, frustration and embarrassment can discourage victims from seeking help. That silence can make them easier targets for “recovery” frauds that exploit the hope of reversing the damage. Public awareness campaigns, police warnings, and open discussion of such cases-like the one in Nanaimo-aim to break that cycle by normalizing reporting and education instead of shame.
The bigger picture: crypto’s appeal to criminals
Crypto itself is not inherently criminal, but its characteristics-speed, global reach, and limited reversibility-make it attractive to scammers. The Nanaimo case illustrates some of the most common tools in their arsenal:
– Fake job opportunities requiring crypto funding,
– Use of crypto ATMs to bypass banks,
– Impersonation of trusted institutions to win confidence,
– Follow‑up “recovery” pitches designed to draw out more money.
Regulators and law enforcement agencies across Canada and beyond continue to adapt to these trends, but they consistently emphasize that personal vigilance remains the first line of defense.
Bottom line
The Nanaimo incident shows how one crypto scam can quickly turn into two when criminals return under the guise of help. A fraudulent job offer led to a $5,000 CAD loss via a crypto ATM, and months later, scammers allegedly using RCMP branding tried to pull the victim into a second trap by promising to recover the stolen funds.
Authorities urge anyone approached with unsolicited offers of crypto recovery-especially those referencing police or government logos-to pause, verify independently, and refuse any request for additional payment. Once digital assets are sent to a scammer’s wallet, the chances of getting them back are slim, and agreeing to a second scheme only deepens the damage.