Deepfake and synthetic identity attacks on major financial institutions are only growing, and the crypto industry is not immune. In 2025 alone, an estimated $17 billion was stolen in crypto scams and fraud, up from $12 billion in 2024, due to the rise of impersonation and AI-enabled scams, according to Chainanalysis.
The industry continues to frame crypto risk as a problem of asset theft: wallet breaches, smart contract exploits, or compromised private keys; and while those are visible, measurable, and familiar, they are not the root cause.
The real failure takes place much earlier than when assets are stolen, because the wrong person was treated like the right one. The real vulnerability is not custody nor cryptography, it’s identity.
Earlier this year, researchers at Google Cloud’s Mandiant Threat Intelligence uncovered a campaign linked to a North Korean threat group targeting cryptocurrency firms using deepfake video calls. In this scheme, attackers impersonate executives in what appeared to be legitimate meetings, building trust before deploying malware and harvesting credentials.
This is not an isolated incident. It reflects a broader shift in how financial systems are being exploited.
According to a 2025 anti-scam report from Bitget, SlowMist, and Elliptic, crypto fraud has entered a new era defined by deepfake impersonation, AI-driven social engineering, and increasingly sophisticated manipulation of human trust. Nearly 40% of high-value fraud cases now involve deepfake technology, underscoring how common identity-based attacks have become.
For years, the concern around crypto was anonymity and the idea that participants could not be reliably identified. Now, the problem is more complex as false legitimacy comes into question. Outdated systems might authenticate identities that appear valid, but are in fact synthetic or manipulated.
Generative AI has made this possible at scale. Fraudsters can now produce highly convincing digital personas complete with realistic video, voice, and behavioral consistency, without the cost or coordination that these attacks once required. What was previously difficult to execute is now repeatable, and as a result, fraud is shifting from intrusion to acceptance.
Attackers are no longer focused solely on breaking into systems; they want to be trusted by them to cause as much damage as possible from the inside. Fraudsters target onboarding flows, account recovery processes, and internal communications – points where identity is verified once and then assumed to persist. In these environments, a successful impersonation is often enough to bypass legacy security controls.
This is where existing frameworks begin to show strain.
Know Your Customer (KYC) processes were designed to establish trust at the point of entry, using documents, biometrics, and behavioral signals to confirm identity, but those signals can now be replicated. Deepfakes can mimic facial movements and voice, and synthetic identities can generate supporting documentation. Even interaction patterns can be modeled convincingly enough to pass initial checks.
The result is a growing disconnect between how identity is verified and how easily it can be falsified.
In crypto, that gap carries greater consequences due to decentralization. Transactions are fast, irreversible, and often pseudonymous. Once a fraudulent actor is onboarded, their activity can appear indistinguishable from legitimate behavior. The blockchain will record the transaction, but it cannot validate the authenticity of the participant behind it.
This challenge is further compounded by the emergence of AI agents interacting directly with financial systems. These entities can initiate transactions, manage accounts, and operate continuously, but verifying an autonomous actor introduces a new category of risk, one that existing identity models are not designed to address.
Taken together, these trends signal an inflection point.
Without stronger identity assurance, crypto will have a harder time breaking into traditional financial infrastructure. Trust at scale depends on two factors: 1) the ability to reliably distinguish between legitimate participants and synthetic ones, and 2) strengthening the identity layer to reflect the realities of today’s threat landscape.
Identity verification must become continuous, adaptive, and context-aware – and companies must be evaluating individual authenticity not just at onboarding, but throughout the lifecycle of every account and interaction.
This shift is already underway across financial services more broadly, as digital interactions replace in-person verification. Crypto will need to follow a similar path to achieve broader institutional and consumer trust.
Crypto does not have a theft problem; it has an identity problem. Until that is addressed, security needs to remain reactively focused on mitigating losses rather than preventing them.
The future of digital finance will depend not just on securing transactions, but on restoring confidence in the identities behind them.
About the Author
Ricardo Amper is the founder and CEO of Incode Technologies, launched in 2015 in San Francisco to transform the digital identity space. Under his leadership, Incode develops AI- and ML-powered, privacy-centric solutions that help banks, governments, retailers, and other industries reduce fraud, increase revenue, and deliver seamless user experiences. A serial entrepreneur with over 20 years of experience, Ricardo previously founded La Burbuja Networks, Co-Founded Amco Foods (acquired by Grupo Bimbo), and led Grupo Amco before selling it to Brenntag. Born in Mexico and based in San Francisco, he continues to advance Incode’s vision of “One Identity Everywhere,” enabling broader access to services while empowering users to control their identity information.
