"Scammers inform victims in-person cash pickups are required to continue investing with the fraudulent investment firm or to pay purported fines to withdraw their investments," the FBI warned in a Public Service Announcement issued on July 15.
Courier cash pickups: the technique described by the FBI
The FBI's PSA lays out a clear, repeatable playbook: when banks and payment systems block or flag suspicious transfers to fraudulent cryptocurrency platforms, scammers shift to in-person cash pickups. Victims are instructed to withdraw cash and either hand it to a courier or provide a code. The PSA describes couriers who are authenticated to victims by showing a US dollar bill serial number or supplying an agreed-upon password before collection.
After the pickup, victims often see an apparent increase in deposits on the scam platform's virtual wallet display. When victims then try to withdraw what they believe are profits, the fraudsters demand additional sums — labelled as taxes or penalties — and again use couriers to collect cash, creating a recurring loop that extracts more money.
Social engineering channels: where victims are first contacted
The FBI says victims are typically approached through social media, unsolicited text messages, or by someone posing as "a public persona of a cryptocurrency investment expert." Scammers focus on building trust, sometimes through romantic relationships, and then encourage victims to invest in specific trading schemes presented as lucrative opportunities.
The PSA explicitly names "love bombing" as a favored tactic of romance scammers. It also cautions against engaging with strangers who contact you out of the blue and urges verification of identities through third parties.
Scale of the problem: FBI and UK Finance figures
The FBI recorded nearly 73,000 investment fraud cases last year, linked to losses of over $8.6bn — the largest loss total of any cybercrime type in the FBI's accounting. The problem is not confined to the United States. UK Finance figures released on June 15 show investment fraud accounted for the largest proportion of authorized push payment fraud last year: £221.5m ($297m), an amount up 40% year-on-year, with case numbers increasing 26% to 14,893.
FBI's July 15 PSA: specific consumer protections the bureau recommends
- Protect personal information, including banking information; do not disclose a home address or agree to meet with couriers.
- Don’t get drawn into a conversation with an unknown person who gets in touch out of the blue; be suspicious of unsolicited communication and always verify identity through third parties.
- Beware of "love bombing," a favored tactic of romance scammers.
- Do not click on unsolicited pop-up messages, or open links/attachments sent via unsolicited text messages or email; never contact telephone numbers in these pop-ups, texts, or emails without verifying first.
- Before investing in cryptocurrency, look online for articles or reviews which may show the platform is a scam; search for any identifying information.
What this means for end users, financial institutions, and law enforcement
End users: The FBI's advice is practical and prescriptive — avoid sharing home addresses, refuse meetings with couriers, and treat unsolicited communications with scepticism. The guidance also directs potential investors to do basic online research for signs that a platform is fraudulent.
Financial institutions: The PSA acknowledges that financial institutions are "increasingly capable of spotting and blocking suspicious fund transfers" to crypto-investment scammers. The documented courier tactic highlights a gap: when institutions stop electronic routes, criminals will attempt to convert electronic expectations into in-person cash flows.
Law enforcement: The FBI has documented the pattern in a formal advisory and cited the scale of losses and case counts. The bureau's bulletin serves both as a warning to the public and a record of the adaptation in tactics that investigators and prosecutors may encounter.
The FBI's bulletin makes plain that the problem is not merely technical but social: the criminals rely on persuasion, manufactured trust, and a simple physical handoff to bypass financial controls. With nearly 73,000 cases and more than $8.6bn in losses recorded last year — and parallel spikes in the UK — the agency's message is blunt: treat unsolicited investment offers with suspicion, refuse in-person cash pickups, and verify identities before you hand over money.
