:

FBI: AMERICANS LOST $388M TO CRYPTO ATM SCAMS IN 2025

SECURITY DESK1 MIN READ
TUE, MAY 19, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

The FBI reports that Americans lost over $388 million to scams involving cryptocurrency ATMs in 2025. The losses highlight growing fraud risks as crypto kiosks become more prevalent across the country.

Cryptocurrency ATMs, also called Bitcoin ATMs or crypto kiosks, have become targets for scammers seeking to exploit users unfamiliar with digital asset transactions. The 2025 figure represents a significant financial impact on victims, many of whom are directed to these machines by scammers posing as legitimate businesses or government agencies. Common tactics include romance scams, investment fraud, and impersonation schemes that pressure victims into purchasing cryptocurrency at physical kiosks. Once funds are transferred to a crypto wallet, transactions are typically irreversible. The FBI advises consumers to verify requests for cryptocurrency payments through independent channels and avoid sending digital assets to unknown parties. Users should be particularly cautious of unsolicited contact claiming to represent government agencies or established companies. As crypto ATM networks expand, law enforcement agencies continue tracking these fraud patterns and working with operators to improve security measures and user protections.

■ SOURCES

Bleeping Computer

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

4H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

4H AGOSecurity Desk

Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.

7H AGOAI Desk

A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.

9H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.