Here's how to be safer as physical crypto attacks grow, deepfake extortion is next
As 2025 was marked by a troubling rise in cryptoasset–related physical attacks, crypto security experts offer tips that might help spot a possible attack, prevent one, or protect your assets.

Image by Cybernews.
As 2025 was marked by a troubling rise in cryptoasset–related physical attacks, crypto security experts offer tips that might help spot a possible attack, prevent one, or protect your assets.
Crypto security firm CertiK found 72 verified physical crypto attacks last year, which is 75% more than a year earlier. Victims lost at least $40.9 million, or 44% more year-on-year. Thanks to France, Europe has emerged as the most dangerous region, accounting for over 40% of global incidents.
Therefore, security experts suggested a list of measures that can help cryptoasset owners improve their own and their asset security, such as simply stopping bragging about your cryptoasset portfolio, avoiding any public association with these assets altogether, and protecting your privacy, such as your home address, travel plans, etc.
"Remove crypto-related apps from your primary smartphone used in public, and use a dedicated laptop for high-value transactions that never leaves your secure perimeter," CertiK said, also suggesting using a travel phone with minimal accounts, disabling lock-screen previews, and keeping high-value wallets off daily devices.
Meanwhile, receiving unsolicited Two-Factor Authentication codes might indicate that a criminal has already compromised digital credentials and is probably trying to locate your physical device or assess your responsiveness.
Other red flags that a possible attack is being prepared include a fake delivery person, workers checking meters without an appointment, or repeated hang-up calls to a landline. Moreover, unexpected contact from long-lost acquaintances or new business opportunities that require an in-person meeting should also be treated with caution.
To protect your assets in case of an attack, the experts suggested properly securing your hardware wallet and seed words that give access to the wallet, using a multisignature setup that requires more than one signature to confirm transactions, or exploring the option to time-lock your bitcoin (BTC).
In the latter case, BTC can't be spent until the timelock expires. CertiK has also suggested using a decoy wallet with a small but plausible amount of funds that can be surrendered immediately. However, opinions about the effectiveness of decoy wallets vary, as you'd still need to convince an attacker that this is all you have.
However, the authors of the report anticipated a new, dangerous trend, as physical attacks might shift toward more psychologically coercive and highly scalable threat models.
"Attackers will increasingly rely on deepfake extortion, leveraging harvested biometric data to generate hyper-realistic proof of life content, such as video calls from a supposedly kidnapped child or spouse demanding an immediate ransom," they warned, adding that AI will also help scale criminal operations.
According to a public database of registered physical crypto attacks, this year has already seen at least 9 cases.
Unlock more exclusive Cybernews content on YouTube.