Crypto Legal’s Alex Ferrer On The Cybercrime Crisis No One Talks About

Roberto Popolizio
Roberto Popolizio Managing Editor
Published on: March 13, 2025
Updated 2 times since publishing
Roberto Popolizio Roberto Popolizio Managing Editor
Published on: March 13, 2025 Updated 2 times since publishing

We have recently witnessed the Bybit hack, one of the largest crypto heists in history. But a far bigger, more pervasive threat is slipping under the radar according to Alex Ferrer, Director of Forensics at Crypto Legal.

In this interview with SafetyDetectives, Ferrer breaks down the alarming rise of crypto phishing scams, why some domain providers and hosting services are enabling these frauds, and what needs to change at a systemic level to fight back.

He shares real-life cases—including a £720,000 loss from a fake Coinbase email—and offers essential tips on how individuals and businesses can protect themselves.

What’s the most urgent cybersecurity problem in your industry that no one talks about?

While the recent Bybit hack—which saw attackers steal USD 1.5 billion in Ethereum tokens—has rightly dominated headlines as one of the largest crypto exploits in history, there’s a far more pervasive threat lurking in the shadows: systemic phishing scams impersonating trusted entities. At Crypto Legal, we’ve handled hundreds of cases where fraudsters mimic legitimate exchanges (e.g., Coinbase, Binance), blockchain wallets (MetaMask, Ledger), law enforcement agencies (e.g., the UK’s National Crime Agency), government bodies (HMRC, the FCA), and even our own firm.

For example, last month, we identified a phishing site masquerading as “Blockchain.com Support,” complete with cloned branding and fake testimonials, urging users to “verify” their wallets due to “suspicious activity.” Another case involved fraudsters posing as HM Revenue & Customs, demanding immediate crypto payments to resolve fictitious tax liabilities. These scams exploit trust in institutions to socially engineer victims into surrendering keys or assets.

The root issue lies in the lack of accountability for domain registrars and hosting providers. Many of these fraudulent sites operate openly for weeks, despite blatant red flags (e.g., domains like “Coinbase-support[.]net” or “LedgerHelp[.]com”). Unlike regulated financial institutions, these providers face minimal legal obligations to vet customers or takedown malicious sites promptly. Until regulation mandates stricter due diligence—such as KYC checks for domain purchasers or real-time monitoring—this problem will persist as the “elephant in the room.”

Why do you think this issue is so ignored or avoided? Does anyone benefit from keeping it hidden?

The sheer velocity of scam creation makes this a hydra-like challenge. Our forensic team tracks over 100 new phishing domains weekly, with actors leveraging automation to spin up sites in minutes. Since 2017, Crypto Legal has maintained a crowdsourced scam database (now exceeding 50,000 entries) to help victims verify threats. Yet, even with this resource, we’re outpaced: for every domain we report, three more emerge.

The beneficiaries? Scammers and complacent web service providers. Many registrars prioritise profit over security, offering “bulletproof hosting” services that ignore abuse reports. For instance, in Q1 2024, we reported 132 fraudulent sites to a major registrar—only 17 were actioned. Worse, some providers charge exorbitant fees for rapid takedowns, creating a perverse incentive to delay. Until legislation like the UK’s Online Safety Act imposes fines for negligence, this cycle will continue.

Have you personally witnessed situations where this issue led to real damage?

Tragically, yes. In one case, a client lost £720,000 after receiving a spoofed email from “Coinbase Support” urging them to migrate assets to a “secure wallet” during a “security upgrade.” The wallet, of course, was controlled by scammers. Another victim deposited £150,000 into a fake staking platform promising 18% APR, only to watch the site vanish overnight.

More disturbingly, we’ve seen fraudsters impersonate law enforcement. Last year, a retired couple transferred £45,000 to a “Met Police” portal to “unfreeze” their son’s allegedly seized crypto. These scams prey on fear and urgency, leaving victims financially and emotionally devastated.

Who is being hurt the most by this problem? What are the overlooked consequences?

Retail investors—particularly those new to crypto—are hardest hit. Chainalysis reports that phishing drained over $300 million from individuals in 2023, with median losses of £12,000 per incident. But the fallout extends beyond finances:

  • Erosion of trust: New users exit crypto entirely after being scammed, stifling adoption.
  • Legal/compliance risks: Businesses face liability when customers are duped by impersonators.
  • Resource drain: Firms like ours spend 40% of forensic hours tracing stolen assets—time that could combat other crimes.

An overlooked consequence? Money laundering. Phishing proceeds fuel ransomware and terrorist financing. For example, in a 2023 case, £2.3 million from a fake NFT platform was traced to a sanctioned entity.

5. How can someone avoid this problem starting TODAY?

  • Verify, never trust: Always cross-check URLs/emails via official channels (e.g., use Coinbase’s in-app support, not Google ads).
  • Bookmark key sites: Avoid searching for exchanges—typosquatting (e.g., “Binancce[.]com”) is rampant.
  • Enable MFA everywhere: Use hardware keys (e.g., YubiKey), not SMS.
  • Consult our scam database: We offer free access to our 50,000+ entry list at Crypto Legal Scam Hub.
  • Report aggressively: Flag suspicious domains to registrars, the NCSC, and Action Fraud.

Key Takeaway

Cybersecurity is a collective responsibility. While individual vigilance matters, systemic change is imperative. We urge policymakers to hold domain providers accountable and businesses to invest in threat intelligence sharing. As I often say: “In crypto, trust is earned—but verified.”

Connect With Me

For collaboration or insights:

  • LinkedIn: Alex Ferrer
  • X (Twitter): @cryptolegaluk
  • Crypto Legal Scam Hub: https://www.cryptolegal.uk/list-of-reported-scam-companies/

Let’s turn the tide—one phishing site at a time.

About the Author
Roberto Popolizio
Roberto Popolizio
Managing Editor
Published on: March 13, 2025

About the Author

Roberto has hosted over 5000 interviews with the biggest names in cybersecurity, AI, and tech. Leveraging this always-growing network of tech leaders, he provides beyond-the-fluff insights on the current state of online security, privacy, misinformation, and ethics in the digital world.