Scammer Impersonates Senior UK Police Officer to Steal £2.1 Million in Bitcoin

UK police are investigating a sophisticated phishing scam where the criminal posed as a senior UK Law enforcement officer stole £2.1 million worth of bitcoin, according to the North Wales Police Cyber crime team.

Police stated that the victim, potentially identified through a prior data breach, was carefully targeted by scammers in an elaborate scheme.

The perpetrator posed as a high-ranking police officer, contacted the victim, and claimed to have arrested an individual in possession of the victim’s identification documents.

Playing on fears of looming security threats, the scammer urged the victim to “secure their assets” by logging into their cold wallet—providing a seemingly official but fraudulent web link.

Trusting what appeared to be genuine instructions from law enforcement, the victim unwittingly entered their wallet’s seed phrase—the master password—on the fake site.

With full access achieved, the scammers were able to drain the wallet of $2.8 million in Bitcoin within a short time.

Police Officers Will Never Call To Discuss Your Crypto assets

North Wales authorities say they are working to trace and recover the funds, warning crypto holders here is how you can verify if they are really talking to a real police officer and what they would ask in reality.

"Police officers will never call you unexpectedly to discuss your crypto assets or ask you to take action on your cold storage device. This is a big red flag!"

They urge anyone contacted by someone claiming to be from the police about crypto assets to immediately hang up and verify the caller’s identity directly with official channels.

Authorities also warned that this incident is part of a broader trend. Both UK and US agencies have noted a surge in criminals masquerading as government officials or financial industry employees to defraud crypto users.

Authorities Warns Of Similar Scams

The US FBI recently alerted the public to similar scams, including the use of AI-powered deepfakes by attackers impersonating officials to trick victims—particularly those with ties to government institutions.

They advise users to verify all unexpected communications regarding digital assets and to never disclose sensitive details, such as seed phrases, to anyone under any circumstances.