The FBI warns that fraud using physical kiosks to buy crypto - known as crypto ATMs or Bitcoin ATMs - has left massive losses: according to the agency, U.S. consumers reported more than $388 million in losses last year, with an increase of close to 58% over the previous period. These figures appear in the FBI's IC3 public notice, which also documents how scammers guide their victims step by step to turn cash into crypto and transfer it to wallets under the control of the attacker ( read the FBI statement).
The kiosks are independent terminals that accept cash or card and are usually located in service stations, convenience shops and shopping centers, making them ideal for fast operations. Their ease of use and the relative opacity of crypto transactions explain why the criminals have incorporated them into social engineering schemes: the criminal instructs the victim by phone or messaging, tells him how to get money out of the bank, how to locate the kiosk and what steps to take to deposit and send funds.
The FBI data also show a worrying trend in the profile of the victims: more than half of those who reported were over 50 years old and concentrated most of the economic losses. This demographic vulnerability combines a lower familiarity with new technologies, greater confidence in alleged authorities and the urgency of scammers to force rapid decisions.
It is important to understand the nature of the damage: cryptotransactions are largely irreversible and fast. Once cash is turned into a crypto and comes out of a kiosk to a criminal-controlled direction, the chances of recovery are very limited, except for coordinated platform interventions, forensic analysis of lockchain and international police cooperation. That's why. prevention is the main defence.
In the face of increased incidents, some states have chosen to ban or restrict these kiosks: Minnesota, Indiana and Tennessee have adopted measures to stop their fraudulent use, reflecting a regulatory trend towards greater controls over the physical infrastructure of cryptomonedas ( details of the ban in Minnesota). These decisions open the debate on regulatory alternatives: from limits in cash amounts to stricter identity verification requirements (KYC) for operators and automatic monitoring systems of suspicious patterns.
For consumers there are practical guidelines that reduce risk: do not send money on instructions from unknown persons, always independently verify the identity of the caller, do not scan QR codes provided by third parties and distrust urgent payment demands - especially if they claim to be authorities -. If something is not right, stop the operation and ask the kiosk operator or local police for help can make a difference; keeping receipts and evidence of the transaction facilitates any further investigation. The Federal Trade Commission maintains resources and advice on cryptomoneda scams that can be consulted for additional guidance ( FTC guide on crypto scams).
If you think you have been a victim, act quickly: contact your bank to stop movements in related accounts, collect evidence (receipts, screenshots, call records) and report the incident to the FBI IC3 through your portal. The complaint does not guarantee the recovery of funds, but it is necessary for the authorities to track patterns and prioritize investigations that sometimes allow the freezing of assets in exchanges or identify illicit operators ( file a complaint in IC3).
Finally, the proliferation of these fraud raises broader questions about the governance of physical points of access to crypt: Should kiosks be subject to licenses, transaction limits and real-time monitoring? The experience of the states that have banned them suggests that technical solutions alone are not enough: regulatory frameworks are needed, collaboration between operators, blockchain analysis providers and security forces, as well as educational campaigns focused on the most at-risk groups.
The trend is clear: as long as criminals adapt tactics to the available infrastructure, effective measures will combine regulation, technology and digital literacy. Keeping informed, distrusting payments requested by non-verifiable channels and reporting fraud attempts are concrete actions that anyone can take right now to reduce the likelihood of being the next victim.
Safety alert Drug critical vulnerability of SQL injection in PostgreSQL requires immediate update
Drucal has published safety updates for a vulnerability qualified as "highly critical" which affects Drumal Core and allows an attacker to achieve arbitrary SQL injection in sit...
18-year-old Ukrainian youth leads a network of infostealers that violated 28,000 accounts and left $250,000 in losses
The Ukrainian authorities, in coordination with US agents. They have focused on an operation of infostealer which, according to the Ukrainian Cyber Police, was allegedly adminis...
RAMPART and Clarity redefine the safety of IA agents with reproducible testing and governance from the start
Microsoft has presented two open source tools, RAMPART and Clarity, aimed at changing the way the safety of IA agents is tested: one that automates and standardizes technical te...
The digital signature is in check: Microsoft dismands a service that turned malware into apparently legitimate software
Microsoft announced the disarticulation of a "malware-signing-as-a-service" operation that exploited its device signature system to convert malicious code into seemingly legitim...
A single GitHub workflow token opened the door to the software supply chain
A single GitHub workflow token failed in the rotation and opened the door. This is the central conclusion of the incident in Grafana Labs following the recent wave of malicious ...
WebWorm 2025: the malware that is hidden in Discord and Microsoft Graphh to evade detection
The latest observations by cyber security researchers point to a change in worrying tactics of an actor linked to China known as WebWorm: in 2025 it has incorporated back doors ...
Identity is no longer enough: continuous verification of the device for real-time security
Identity remains the backbone of many security architectures, but today that column is cracking under new pressures: advanced phishing, real-time proxyan authentication kits and...