Bybit , one of the largest crypto exchanges globally, has released the results of its 2025 Security Initiative, stating that it intercepted and recovered $300 million in impersonation scams and fraudulent withdrawals during the fourth quarter of the year, according to an announcement shared with Finbold on February 27. The exchange said it implemented a multi-layered defense architecture in 2025 aimed at preventing fraud before funds are lost. Citing Chainalysis data, Bybit noted that $17 billion in cryptocurrency was lost to scams and fraud globally in 2025. Triple-tier withdrawal defense framework Central to Bybit’s updated security strategy is what it describes as a dynamic risk-based protection system designed to intervene during the withdrawal process. The framework categorizes potential fraud scenarios into three risk levels, each triggering a different response. At the lowest risk level, the system uses data analysis to detect unusual patterns, such as large volumes of withdrawals to newly created addresses. In these cases, automated surveys are deployed and the risk operations team may blacklist suspicious destinations. For medium-risk scenarios, including accounts flagged through leaked credential databases or suspicious withdrawal addresses, users receive real-time alerts during the withdrawal process. The alerts prompt users to review transactions before completion, aiming to counter tactics that rely on urgency or emotional pressure. In high-risk cases involving wallet addresses linked to confirmed scams, including so-called “pig butchering” schemes, Bybit applies real-time withdrawal blocking and enforces a mandatory one-hour cooling-off period before funds can be moved. User safety in numbers According to the company, the measures implemented in the fourth quarter of 2025 led to significant user protection outcomes. Out of $500 million in flagged withdrawals during the quarter, Bybit said it intercepted and recovered $300 million, protecting more than 4,000 users. Its AI-based on-chain monitoring also identified 350 high-risk investment fraud addresses, which it said helped shield 8,000 users from potential losses. The exchange added that it blocked more than 3 million credential stuffing attempts in 2025. During the fourth quarter, it auto-labeled 350 suspicious addresses and manually tagged an additional 600 addresses, preventing approximately $1 million in imminent fraud losses. Through cross-chain tracing and investigations across bridges and mixers, Bybit said it helped secure asset freezes totaling $4.32 million for 335 fraud victims. Bybit also highlighted its collaboration with external intelligence providers, integrating monitoring capabilities from TRM, Elliptic, and Chainalysis into its risk systems. “Our mission in 2025 was to transform risk control from a ‘silent shield’ into an active, intelligent guardian,” said David Zong, Head of Group Risk Control at Bybit. “By integrating AI-driven on-chain monitoring with real-time intelligence from industry partners like TRM , Elliptic and Chainalysis, we not only just protect Bybit users, but also help map the DNA of fraudulent networks. We are sharing these standardized monitoring clues across the ecosystem because a safer industry for one is a safer industry for all.” The company said its 2025 strategy focused on proactive fraud prevention and industry collaboration as part of its broader effort to strengthen user protection across the platform. Featured image via Shutterstock. The post Bybit intercepts $300M in scams in Q4 2025 through AI-driven risk framework appeared first on Finbold .
