Scammer impersonates UK police officer to steal $2.8 million in bitcoin via social engineering

Attacks on European crypto holders continue to escalate, as a bad actor impersonated a police agent to steal assets using social engineering tactics.

North Wales Police are investigating a theft of roughly 2.1 million euros ($2.8 million) in bitcoin after a scammer posing as a senior UK law-enforcement officer convinced a victim to reveal their wallet seed phrase through a phishing link, the force said in a public warning.

A seed phrase—typically 12 to 24 words—is the master key to a self-custodied crypto wallet. Anyone who obtains it can control the associated assets.

According to the notice , the culprit claimed an arrested suspect’s phone contained the victim’s identification documents and urged them to “secure” their assets. The victim then entered their recovery phrase on a sophisticated spoof website, allowing thieves to access the wallet and withdraw the funds within minutes.

Police cautioned that officers will not contact the public to discuss crypto holdings or instruct them to take action on cold-storage devices. They also emphasized that no legitimate company or agency will ever ask for a seed phrase. The alert urged anyone receiving such calls to hang up and verify by dialing the non-emergency 101 number. 

Such social engineering attacks, where cybercriminals trick victims into providing critical wallet credentials, are common in the crypto industry. Blockchain security firm TRM Labs noted that private key theft and seed phrase exploits comprised 80% of stolen funds in the first half of 2025 .

Europe also faces a wave of physical attempts to steal crypto assets. France alone has been hit with at least 10 “wrench attacks” with cases of attempted kidnappings and crypto ransoms reported .