Dive into the world of fraud with the "What the Fraud?" podcast! 🚀 In the first episode of series three, Tom is joined by Erica Stanford, a crypto advisor and best-selling author. They discuss recent high-profile crypto fraud cases, how businesses can protect themselves, and how to stay ahead in the rapidly evolving crypto sector.
THOMAS TARANIUK: Hello, dear audience, and welcome to Series Three of “What The Fraud?“, where digital fraudsters meet their match. I’m Thomas Taraniuk, currently Head of Partnerships at Sumsub, the digital verification platform that helps verify users, businesses, and, of course, transactions.
We’ve really enjoyed seeing your responses to the first two series, and we’re thrilled to be back in the studio to explore digital fraud and how you can protect yourself moving forward.
We’re excited to kick off our new series with a special guest and a crucial topic—crypto fraud. In our latest report the State of the Crypto Industry, we conducted a deep dive into identity verification dynamics worldwide, surveying over 300 companies in the crypto sector. What we found is that this industry is at a tipping point.
Fraud is up 48 percent. Regulations are tightening. And user expectations, of course, are shifting. In the past year alone, over 2.2 billion US dollars have been lost to crypto hacks. One of the biggest cybersecurity wake-up calls was the Bybit hack, where over 1.5 billion US dollars was stolen in a single day—reinforcing the urgent need for proper controls to be in place.
At the same time, regulatory shifts are shaking up the industry. With Trump’s potential return to office, the US is being positioned as a crypto hub, potentially attracting frustrated clients from Europe under the MiCA regulation. Meanwhile, global regulators are stepping up—Turkey and Argentina are rolling out crypto laws, and the Travel Rule is now fully enforced across Europe, transforming compliance standards.
With so many changes happening, it’s critical to stay informed—and, at the end of the day, protected.
In this episode today, we sit down with Erica Stanford—the best selling author and crypto advisor to find out how you can protect yourself and stay ahead in this rapidly evolving sector. Erica, thank you so much for coming to the show today. What got you excited about crypto in the first place?
ERICA STANFORD: Thanks for having me! My interest in crypto started during a year abroad in Buenos Aires, Argentina—right in the middle of economic chaos. Every weekend, people were protesting, having lost their savings. The first lesson I learned? Never trust the banks. Locals got paid, immediately converted their cash into euros or dollars, and stored it in safes at home—because that was the only secure way to “bank.”
While at university, I also spent summers backpacking across Latin America. I got mugged more times than I care to remember, and one summer, after losing everything, I had to walk kilometers through dangerous areas just to reach a Western Union. My dad sent me money from the UK—it took three days to arrive, came in cash (which wasn’t ideal given my luck), and cost a 14% transfer fee.
These experiences showed me how broken traditional finance is—especially for those without access to stable banking. Then, Bitcoin emerged. A financial system independent of banks and governments? I was hooked. I started researching, diving into how crypto and decentralized payments work. The idea of borderless, censorship-resistant money made perfect sense.
Crypto isn’t just a technology—it’s a solution for people failed by traditional finance.
THOMAS TARANIUK: Absolutely. The transition from TradFi to crypto as a widely usable financial product has been slower than expected. However, as highlighted in our State of the Crypto report, global demand is surging, with traffic spiking by 20% during major market events.
Trump’s stance could accelerate adoption, with the recently announced US Bitcoin reserve and the country positioning itself as a crypto-first hub. Do you think this will significantly drive crypto’s real-world utility—especially in solving financial challenges like those you experienced in Buenos Aires?
ERICA STANFORD: Predicting crypto? My answer is always “We’ll see.” There are several positive indicators: the strategic reserve, government support, and improved cybersecurity aimed at tackling key issues.
There’s also growing excitement around ETFs and real-world asset tokenization, both gaining traction. Bitcoin ETFs, in particular, are performing well compared to traditional ETFs. Plus, crypto is inherently global—with places like Dubai emerging as major crypto hubs.
That said, challenges remain. Some governments, like the UK, lack regulatory clarity, leaving companies stuck in regulatory limbo. And while scams and hacks aren’t stopping adoption, they are slowing mainstream acceptance.
Just last week, discussions focused not just on crypto crime but on how crypto and traditional finance are becoming increasingly interconnected. So there’s a lot of positivity.
THOMAS TARANIUK: Absolutely, Erica—there’s a lot of positivity, but as nations become crypto-friendly, they can also attract bad actors. Security risks are a major concern, with billions lost to crypto hacks. Take the Bybit hack, for example—$1.5 billion stolen in an instant. Just a week later, North Korea’s leader announced an Ethereum reserve of nearly the same amount, highlighting the scale of the issue. This underscores the urgent need for stronger security measures across crypto exchanges.
From our perspective, Sumsub Identity Fraud Report predicts that this year, anti-fraud and cybersecurity companies will merge, aiming to prevent breaches before they happen. What’s your take on this trend?
ERICA STANFORD: We didn’t specifically predict that Bybit would be hacked or that it would be a $1.5 billion breach, but crypto exchange hacks are nothing new—this has been a long-standing trend.
One major issue is how the West underestimates North Korean hackers. Many assume, “Oh, it’s just North Korea, how much damage can they do?”—but that’s the wrong mindset. In reality, they are among the best hackers in the world. North Korea has a state-sponsored hacking system, identifying the smartest children early on, training them in elite coding schools, and grooming them in hacking camps. These individuals receive world-class resources, government backing, and even false passports to operate globally.
Their incentives are also extreme—successful hackers are rewarded, while failure can lead to punishment for their families. The regime has made it clear: crypto exchanges are easy targets, so why are people still surprised by these breaches?
These measures won’t stop all attacks, but they would create a far stronger barrier than the current weak defenses that leave exchanges vulnerable to phishing and cyber threats.
THOMAS TARANIUK: Absolutely. There need to be strict security protocols—whether it’s requiring a physical key or on-site access for critical actions.
But what you’re describing—state-backed sponsorship of criminal organizations—is both bizarre and surreal. Beyond that, many criminal groups operate independently, funding themselves through the ROI from scams.
That said, how hard is it to actually move stolen funds? Take the $1.5 billion stolen—off-ramping that into cash is a complex operation. Since the blockchain is immutable, transactions can be traced, making it harder to launder funds. What do you think is the biggest barrier criminals face in this process?
ERICA STANFORD: So it is really hard, and the North Koreans have done a good job of it. A recent case involved two individuals arrested for laundering Bitcoin from a 2016 hack, where they sat on $3.6 billion worth of Bitcoin before making a critical mistake—a transaction that exposed their identities and led to their capture.
They were caught because they were international citizens operating in jurisdictions where they could be arrested. But that’s not the case for North Korean hackers. If they successfully move stolen crypto and return to North Korea, they are untouchable—never facing arrest or prosecution.
In the Bybit hack, $400 million was laundered within a week, and much more has followed. North Korean hackers have perfected the process. With better infrastructure, greater liquidity, and an increasing number of decentralized exchanges, laundering stolen crypto has never been easier for skilled cybercriminals.
THOMAS TARANIUK: Absolutely, and with crypto nowadays, you need to move fast as well. Diversifying and ensuring you’re moving small amounts can certainly help in their case. But do you think there are security vulnerabilities now that have been exploited compared to two or three years ago? It’s like we always say—it’s a double-edged sword. You’re fighting on both sides: criminals are discovering new methods, and then you’re catching up after they’ve committed a scam, filling in the gaps. As a result, the approach tends to be reactive rather than proactive.
ERICA STANFORD: There are always security vulnerabilities, and in my personal opinion, a lot of that is due to crypto companies not bringing in enough ethical hackers to find them before the real hackers do. The main change in terms of the sheer volume of hacks and fraud is social engineering, which is now targeting individuals more effectively.
On one side, we have organized hacks, and social engineering plays a major role in this. It’s getting harder and harder to know whether something is legitimate or not, especially with the rise of AI. Video clones, voice clones, and photo clonesare making it much harder to distinguish what is real and what isn’t. It’s clever, by any definition, and the use of AI and other methods to fake information online is making it even harder to detect.
In the past, the main scams were Ponzi schemes, where a large number of people would get invested and believe the scam. But now, we’re seeing a shift towards individual scams, targeting a wide range of people.
Of course, there are still organized crime groups at the top, controlling the operation, but these scams now often involve many individuals. The trend has shifted from just a few people running a scam to thousands involved.
One disturbing trend is the scam compounds in Southeast Asia, where thousands of people are human trafficked and forced into scamming. They think they’re arriving for legitimate jobs to support their families, but once they get to the airport, they are captured, their passports taken, and they are held prisoner. It’s absolutely horrible. These compounds, which were once old hotels or buildings, are now purpose-built towns with bars. If the prisoners don’t scam enough people, they are tortured. If they do well, they may be released earlier. The horror stories are unimaginable—some are even killed if they don’t meet their targets or attempt to escape.
In addition to this, there are people scamming as a job, often in regions where economic conditions make it hard to find legitimate work. Then there are scamming schools in some parts of the world, where people pay tuition fees to learn how to scam. They’re taught how to impersonate others—whether it’s a 50-year-old man or a 20-year-old woman. The problem is that people are getting scammed without realizing it. Banks or crypto exchanges might warn them, but they think they’re in a real relationship. They believe they’re helping someone they love by sending money or making an investment for a shared future.
Suggested read: Detecting Romance and Dating Scams: A Guide for Dating Platforms and Their Users
Even though the bank or exchange says, “Don’t send money,” they still do, because they’re convinced it’s a legitimate situation. Unfortunately, they end up losing their money.
THOMAS TARANIUK: Your book, the bestseller “Crypto Wars“, investigates a shocking scam within the industry or multiple. One of the most infamous ones was the OneCoin Ponzi scheme, which stole billions and led to Ruja Ignatova disappearing, the founder. So what made the scam so successful, do you think? And do you think we could see anything similar happening again?
ERICA STANFORD: What made this particular scam so big and impactful was the clever (though twisted) way OneCoin combined crypto with the promise of infinite wealth through multi-level marketing (MLM). OneCoin was the first to mix these two elements together.
On one side, you’ve got MLM, which, though legal, in my opinion, should not be. Around 98% of people who get involved lose all their money, while a few at the top make millions or even hundreds of millions. It’s an awful setup designed to make the vast majority of people lose money, with customers often left with worthless products. But OneCoin took crypto and combined it with the promise that, “This crypto is going to double in value, keep increasing indefinitely, and you’ll earn more coins.” And they did this through MLM.
People would buy “learning packages” (which were just PDFs plagiarized from other crypto education content) along with tokens. OneCoin would promise that if you bought these tokens, they would increase in value. And they did. Then, if you brought in more people, you’d earn more money. Those people would bring in others, and so on, down the line for seven layers, increasing your earnings. But in reality, there was no cryptocurrency or blockchain involved—it was just a manipulated spreadsheet.
They were manually changing numbers on users’ screens, so when someone like Tom logged in, his “coins” would appear to have doubled in value overnight. People believed it. Initially, they could cash out, which made it more believable. But the system ultimately relied on deception.
What really made OneCoin dangerous was its aggressive marketing tactics. They targeted some of the poorest countries, where people didn’t have reliable internet or the resources to do a research. They even infiltrated religious groups, getting pastors and religious leaders to encourage their congregations to invest in OneCoin. Trusting their leaders, people didn’t question why the pastor suddenly showed up with a new Mercedes.
It was a brilliantly manipulative and predatory marketing strategy, with an incentive scheme that encouraged people to recruit others. OneCoin was the first to combine MLM and crypto, and after it succeeded, others tried to copy the model.
THOMAS TARANIUK: It’s incredibly predatory, of course, and part of the greater fool theory, right? Once they run out of layers, meaning they can’t sell to anyone else, it will inevitably collapse. I’m guessing that’s what happened in this case as well.
ERICA STANFORD: It did collapse, but also the FBI sort of got onto it.
THOMAS TARANIUK: Why did it take them so long?
ERICA STANFORD: Very good question. Partly because it’s crypto, partly because it was happening in more developing countries, and partly because it collapsed in 2017 before there was much understanding of crypto. It wasn’t even truly crypto. They managed to steal away a lot of money in Bitcoin, but it wasn’t really a crypto thing.
I think the complexity of the investigation played a role, and maybe it wasn’t a major focus at first. But when they did start focusing on it, people began to catch on. However, many of the believers were still so brainwashed by the masterminds behind it that they still wanted to believe.
THOMAS TARANIUK: At the end of the day, high-risk, high-profile figures, especially in the crypto industry, garner a lot of attention due to the money they make and the waves they create. However, they are now facing serious risks. Public figures who create different companies, especially those pioneering crypto in DeFi, the traditional space, and hardware, are increasingly targeted. One specific case was David Balland, a French individual and co-founder of Ledger in Paris, who was kidnapped from his home for ransom.
Why do you think these direct threats to industry leaders are increasing?
ERICA STANFORD: Yeah, it’s horrible, and he lost part of his finger to the kidnappers.
But this has been happening for a while. There have been kidnappings related to crypto for years, with various stories of people being held at gunpoint or knifepoint in public places and forced to hand over crypto wallets.
So, I don’t know if it’s increasing, but it might just be more in the public eye now. It’s known that if someone has a large crypto wallet or access to one, you can force them to transfer it to you. If you have the means to move it and cash it out—and think you’re going to get away with it—then, from a criminal perspective, that’s a tempting way to make a lot of money.
That’s probably the best answer I have for that. I also wonder if part of it is just the current state of the economy. Life isn’t perfect for everybody, and there’s a lot of inequality and people struggling. I think some of it might be desperation.
THOMAS TARANIUK: Absolutely.
The crypto world is moving fast. Fraud is up. Rules are tightening. And, of course, the expectations are shifting dynamically. But it’s not all bad news. Innovation is thriving. And verification times have sped up 46 percent as well—proving the industry can adapt and it can stay ahead of the curve and all of these challenges that we are seeing.
But the question is, are you ready to stay ahead? Sumsub just dropped its State of the Crypto Industry report packed with insights to help you navigate 2025. We looked at fraud trends and of course, user verification stats, feedback from over 300 crypto companies and much more.
Crypto platforms saw a 20 percent traffic surge during big market events like Bitcoin rallies during the US elections. Biometric checks and document free verifications have pushed onboarding success rates to 93. 39 percent making compliance easier worldwide. Want to know more?
Now, Erica, I’d love to discuss what we—myself included, as well as our audience—can do to protect ourselves from the current threats. In our research at Sumsub, we asked companies about the security measures they wish they had implemented five years ago. The industry has evolved significantly since then, including the tools and practices we use.
53 percent of respondents highlighted the need to fix complex internal systems, while 40 percent emphasized the importance of stronger KYC (Know Your Customer) checks. In your opinion, what should the industry focus on now to improve safety?
ERICA STANFORD:
So, to me, the answer would be to slow down and review transactions over a certain amount manually. Will it slow things down? Yes. Will it be a pain to implement? Yes. But could it prevent you from losing $1.5 billion in a hack? Definitely.
KYC is a tough issue. On one hand, it’s evasion of privacy. But on the other hand, you keep hearing that KYC doesn’t always work. I’ve been in a room with law enforcement and tech companies where they demonstrated how easily they bypassed KYC for all the major banks, payments providers, and crypto exchanges. They just created an AI tool and bypassed the KYC with no questions asked.
The other issue is despair. There are entire marketplaces, often on the dark web, where people act as ID mules, getting paid to use their real address, name, and identity to sign up at a crypto exchange or even pose as a company CEO for a video verification.
Suggested read: What’s Money Muling? Understanding Red Flags and Why Businesses Should Be Concerned
The problem is, especially after the pandemic, many people have lost their jobs, their savings, or are dealing with inflation. They might have no other choice but to make money this way. If you’re struggling to feed your family and someone offers you decent money to let your identity be used for KYC, you probably won’t question it.
I don’t know what I would do in these circumstances.
THOMAS TARANIUK: It’s incredibly difficult to judge or recognize the intent of users, right? This is an internal challenge. We have two key perspectives here. On the one hand, when it comes to internal compliance issues, businesses often don’t want to introduce additional friction into their processes, especially when they’re aiming for full automation.
On the other hand, as a user, you want a seamless, instant user experience. You don’t want to waste time on the KYC process; you expect it to be smooth and efficient. At the end of the day, all these products and digital services are competing for users’ attention. With so many apps and services available, it’s incredibly easy to download multiple apps, sign up for different services, and set up various accounts. So, if you encounter an issue with KYC on one platform, you’re likely to simply move on to another service.
ERICA STANFORD: On that note, there’s a company we work closely with called ‘We Fight Fraud.’ They’re fantastic. It’s run by a diverse team, including a guy called Tony Sales. I can’t recall the exact claim, but he had stolen a significant amount of money in his past and was raised with a criminal mindset, so he understands exactly how criminals think.
The team also includes a brilliant hacker and a few former police officers. They do an incredible job for both crypto and traditional finance companies. What they do is go into a company and point out things others might miss, things a criminal would see but most businesses wouldn’t. If you’ve been brought up a certain way, you just won’t think about things from that perspective. But they’ll step in and say, ‘Here’s a criminal’
THOMAS TARANIUK: That’s step forward beyond the penetration tester, right? Physically, digitally. Someone who can come in and say, ‘Look’. This is completely wrong as a process. You’re going to lose a lot of money if someone even gets a whiff of this.
ERICA STANFORD: Or even things like, ‘This is how someone could walk into a building without a check’ or ‘This is how someone could gain access to your system.’ These are the kinds of insights that most people wouldn’t notice unless they’ve been raised with a criminal mindset. It’s really interesting to see how that perspective works.
Additionally, on the dark web, there are setups and systems where, for many crypto platforms and traditional fintechs, you can purchase guides—like for just around seven dollars—on ‘How to hack [X] exchange’ or ‘How to hack [X] platform.’
THOMAS TARANIUK: 100 percent. And you can buy packages for these deepfakes as well, so you can create a deepfake and create an ID with your photo and then scam the service.
We talked a lot about the crypto industry and the impact, of course, on individuals because more and more people are investing in crypto now. Everyday people who traditionally weren’t in it. Their access to these services has become easier. And from that perspective, what should individuals like myself, like Joe and Jane, the crypto investor who just moved 1,000 into their crypto account, should be doing to protect themselves?
ERICA STANFORD: First of all, I think it’s great that more people are getting into crypto. But beyond that, there are a few things you can do to protect yourself.
One trick I learned from Tony at We Fight Fraud is that the best scams are often the ones that seem the most common, which makes them hard to spot.
The best scams are often the ones that seem the most common, which makes them hard to spot
For example, an email from Amazon offering a small bonus or saying you’ve got a great deal, or one asking you to change your password—these are the types of emails we get all the time and wouldn’t think twice about clicking. It’s important to be a bit paranoid and diligent. I’ve been called paranoid at work for being cautious, but I believe I’m just realistic, and most people are too trusting.
THOMAS TARANIUK: But I would love to shift the attention for the conversation towards the regulations and specifically MiCA.
Suggested read: EU Crypto Regulations 2025
At the end of the day, even this year actually, 60 percent of VASPs or crypto companies in Europe are going to be affected by tighter regulations as well. Meanwhile, in the US, they’re merging as a crypto sort of hub, paradise, whatever you’d like to call it under Trump’s rule.
And of course, do you think that we’ll see a migration of European crypto companies to the US like we have with the UK?
ERICA STANFORD: Yeah, maybe. The MiCA from all accounts is positive. People want clarity on regulation. The key point you hear repeatedly is that it’s not necessarily about what the regulation is, but the most important thing is that companies need to know that if they choose to operate in a country, they can start up, invest, and succeed without fearing that regulations will change unexpectedly a few months down the line. Unfortunately, we don’t have that level of certainty in the UK, and we’ve seen a significant number of companies leave—some estimates suggest up to 90% of crypto companies. Perhaps this was the UK government’s intention, but it certainly seems like it.
Yes, companies will move, but regulation isn’t inherently bad; it provides the clarity that companies need. When you’re investing substantial money to build up operations in a country, hire people, and start a business, you need the confidence that what you’re doing is legal and that it will remain legal over the next five to ten years.
THOMAS TARANIUK: It’s difficult to implement restrictions on individuals, especially when we’re talking about North Korea, they already have massive tariffs on them, right? But when we look at like the traditional sense—I think of course, crypto is used as a messaging service, but fiat is where a lot of the crime traditionally happened. It was between even whilst crypto was booming between four and 6 percent of global GDP, which was like 3 to 5 trillion, I believe was actually in fiat being utilized towards terrorism, ultimately money laundering. And is lost, right? And crypto is just a facilitator for that.
It might make it easier, but at the end of the day it’s just part of a bigger problem as a tool. Like fiat would be. And people will always find a methodology or way to get away with crime. And that’s why I think digital services or vendors, software providers need to help. And we need to make sure that people do understand how big the problem is as well.
Before we end, we always like to do what we call ‘quick fire’ questions and to get to know you for our audience on a more personal level as well. Are you ready? Okay. So when choosing a digital wallet, do you go for more features or better security?
Erica: Security and privacy.
THOMAS TARANIUK: Great answer. What’s the one thing about fraud that still surprises you, even after all of your experience and your books?
ERICA STANFORD: Really good question. How clever it is.
THOMAS TARANIUK: Fantastic. I want you to elaborate here, but these are quick fire questions. Have you ever been the victim of fraud yourself? I do know that, but technically, muggings, I don’t know if we count that?
ERICA STANFORD: Yes. Lots of muggings in Latin America. And yes, I fell for a scam on Facebook Marketplace, and my other little, exciting crime incident: I got in what I thought was a taxi in Cambodia, and it wasn’t a taxi, and basically got kidnapped and had to run out at a traffic light, so that was a little bit exciting. Not crypto or anything related.
THOMAS TARANIUK: A little bit scary as well, I’ve been through the muggings, but not so much the fraud itself as well.
What’s one habit you rely on to stay safe online? Diligence?
ERICA STANFORD: Paranoia. Diligence.
THOMAS TARANIUK: Paranoia is also good as well. If you could have any other career, other than the one that you’re in now, what would you choose to do? Explorer, I would have thought?
ERICA STANFORD: Explorer and have a dog rescue shelter. I really want a dog rescue shelter. Can you merge both of those as well? And a donkey rescue shelter.
THOMAS TARANIUK: Dog rescue center, donkey rescue center. Yeah, and explorer as well.
ERICA STANFORD: Yeah, write books. And I enjoy my job. So all of those things would be really cool. Lots of exploring, and definitely the dog and donkey rescue shelter.
THOMAS TARANIUK: Excellent. Mine was always to be an astronaut, so I’ve failed. But you also wanted to go to Antarctica?
ERICA STANFORD: I’m going!
THOMAS TARANIUK: You’re going? How many years from now?
ERICA STANFORD: Winter 2027.
THOMAS TARANIUK: Very exciting. But you can’t bring dogs or donkeys there.
ERICA STANFORD: You can’t take dogs. No, no dogs.
THOMAS TARANIUK: Do you think you’re going to write your next book on this trip?
ERICA STANFORD: No, I think not. I’ll be trying to stay alive in Antarctica, I think.
No, hopefully, the next book will be done before then. No, Antarctica, everything I’ve heard, I think I’ll be very glad I’ve done it and most of the time will just be struggling to walk against cold and wind dragging. Very heavy sled.
THOMAS TARANIUK: Well, kudos to you. I don’t think I would be able to do it just now, but very excited.
ERICA STANFORD: I wouldn’t be able to do it just now. I’ve got two and a half years to train.
THOMAS TARANIUK: Thank you so much for joining us on “What The Fraud?” today. Can’t wait to have you on again, once you get through, obviously, the naming of your new book and the release, and of course, to discuss even more interesting issues perhaps in 2026. So thank you again and looking forward to seeing you again soon.
ERICA STANFORD: Cool! Thanks for having me!
THOMAS TARANIUK: Thank you for joining us today for another episode. On the next episode, we’ll be discussing digital IDs as they’re growing rapidly in popularity from use cases such as government institutions to financial institutions. And, of course, we’ll ask what are the challenges and risks they pose and bring to institutions and how can we keep ourselves safe as well.
