The Bybit Hack Is Just a Distraction—Here’s the Real Crypto Epidemic Fueling Global Crime, Says Crypto Legal Director of Forensics Alex Ferrer

Written by: Roberto Popolizio
While big hacks get headlines, smaller but relentless phishing scams are where most everyday users lose their money.

The Bybit hack is a clear example where everyone’s shocked by the $1.5B stolen, but phishing scams are stealing that amount every few months, quietly.

In this interview with Website Planet, the Director of Forensics at Crypto Legal, Alex Ferrer, sheds more light on how domain registrars are profiting from inaction, the overlooked legal loopholes enabling crypto fraud, and what regulators and consumers must do—now—to stop it.

Crypto Phishing in numbers

Retail investors—particularly those new to crypto—are hardest hit. Chainalysis reports that phishing drained over $300 million from individuals in 2023, with median losses of £12,000 per incident. But the fallout extends beyond finances:
  • Erosion of trust: New users exit crypto entirely after being scammed, stifling adoption.
  • Legal/compliance risks: Businesses face liability when customers are duped by impersonators.
  • Resource drain: Firms like ours spend 40% of forensic hours tracing stolen assets—time that could combat other crimes.
Another overlooked consequence is money laundering. Phishing proceeds fuel ransomware and terrorist financing. For example, in a 2023 case, £2.3 million from a fake NFT platform was traced to a sanctioned entity.

The beneficiaries? Scammers, of course, but also complacent web service providers.

Some web hosting providers and domain registrars profit by ignoring crypto frauds

The root issue lies in the lack of accountability for domain registrars and hosting providers.

Many fraudulent sites operate openly for weeks, despite blatant red flags (e.g., domains like “Coinbase-support[.]net” or “LedgerHelp[.]com”). But unlike regulated financial institutions, web hosting providers and domain registrars face minimal legal obligations to vet customers or take down malicious sites promptly.

Moreover, many registrars prioritise profit over this, offering “bulletproof hosting” services that ignore abuse reports.

For instance, in Q1 2024, we reported 132 fraudulent sites to a major registrar—only 17 were actioned. Worse, some providers charge exorbitant fees for rapid takedowns, creating a perverse incentive to delay.

EDITOR’S NOTE

A 2024 study titled “Towards an Understanding of Enablement in Online Non-delivery Fraud” further indicates that certain registrars were hesitant to investigate reports of abuse, de facto undermining their own content abuse policies and regulatory responsibilities.

The study reported that some of the most popular web hosting providers accounted for 53.03% of the domains registered for fraudulent websites in their sample, suggesting that fraudsters may prefer registrars perceived as less stringent in enforcing anti-abuse measures.

Roberto Popolizio
Managing Editor

The Fight Against Phishing Needs a New Playbook

So you see how crypto has compliance but domains don’t. That’s why we need a complete rethink of how regulators, exchanges, and tech companies tackle phishing. Otherwise, we’re fighting with toothpicks against AI-powered hydras.

Our forensic team tracks over 100 new phishing domains weekly, with actors leveraging automation to spin up sites in minutes. Since 2017, we have maintained a crowdsourced scam database (now exceeding 50,000 entries) to help victims verify threats. Yet, even with this resource, we’re not fast enough: for every domain we report, three more emerge.

All this highlights how a systemic change is imperative. Policymakers must hold domain providers accountable and businesses should invest in threat intelligence sharing.

It can happen to you (even if you don’t hold crypto)

We’ve seen fraudsters impersonate law enforcement to prey on fear and urgency, leaving victims financially and emotionally devastated.

Take the example of a retired couple whose son never had any crypto. But the scammers created a fake arrest notice, cloned a Met Police URL, and demanded urgency. They wired £45,000 to “unfreeze” their son’s allegedly seized crypto in under two hours.

What you should start doing TODAY

  • Never trust: Always cross-check URLs/emails via official channels (e.g., use Coinbase’s in-app support, not Google ads).
  • Bookmark key sites: Avoid searching for exchanges—typosquatting (e.g., “Binancce[.]com”) is rampant.
  • Enable MFA everywhere: Use hardware keys (e.g., YubiKey), not SMS.
  • Consult our scam database: Google “Crypto Legal Scam Hub”. You’ll get free access to our 50,000+ entry list.
  • Report like there’s no tomorrow: Flag suspicious domains to registrars, the NCSC, and Action Fraud.
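
The lookalike patterns quoted in this article (a brand name joined to a support word, and a one-letter typo) can be checked mechanically before a link is trusted or reported. The sketch below is an added example, not part of the interview or Crypto Legal's tooling; the allow-list, the lure words and the naive two-label domain rule are assumptions.

```python
# Added example: flag lookalike hostnames against a small brand allow-list.
# OFFICIAL and LURE_WORDS are constructed assumptions, not data from the article.
OFFICIAL = {"binance.com", "coinbase.com", "ledger.com"}
LURE_WORDS = ("support", "help", "login", "wallet", "verify")


def edit_distance(a, b):
    """Levenshtein distance, two-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def registrable(host):
    """Refang and keep the last two labels (naive: no public-suffix list)."""
    host = host.lower().replace("[.]", ".").strip(".")
    return ".".join(host.split(".")[-2:])


def classify(host):
    """Return (verdict, brand) for one hostname."""
    domain = registrable(host)
    if domain in OFFICIAL:
        return ("official", domain.split(".")[0])
    label = domain.split(".")[0]
    for brand in sorted(d.split(".")[0] for d in OFFICIAL):
        # Brand name plus a lure word, e.g. "<brand>-support".
        if brand in label and any(w in label.replace(brand, "", 1) for w in LURE_WORDS):
            return ("combosquat", brand)
        # One or two character edits away; 0 means same name on another TLD.
        if edit_distance(label, brand) <= 2:
            return ("typosquat", brand)
    return ("unrelated", None)


# Hostnames quoted in the article plus two constructed controls.
SAMPLES = ["Coinbase-support[.]net", "LedgerHelp[.]com", "Binancce[.]com",
           "www.coinbase.com", "example.org"]

if __name__ == "__main__":
    for h in SAMPLES:
        print(f"{h:26} {classify(h)}")
```

Because only the last two labels are compared, a hostname that carries an official domain as a subdomain prefix of another site is not reported as official.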

To learn more from Alex Ferrer

For collaboration or insights:
  • LinkedIn: Alex Ferrer
  • X (Twitter): @cryptolegaluk
  • Crypto Legal Scam Hub: https://www.cryptolegal.uk/list-of-reported-scam-companies/
Sources:
https://openresearch.surrey.ac.uk/esploro/outputs/doctoral/Towards-an-Understanding-of-Enablement-in/99925466602346
