Introduction
Cryptocurrency fraud and cybercrime in Turkey have become increasingly important as crypto assets are widely used for investment, trading, transfers and digital financial activity. Crypto-related disputes may involve fake investment platforms, phishing links, stolen wallets, hacked exchange accounts, Ponzi schemes, impersonation scams, ransomware payments, fake crypto mining projects, fraudulent token offerings, Telegram investment groups, romance scams, money mule accounts and laundering of criminal proceeds through crypto transfers.
Turkey now has a more developed crypto asset regulatory framework. Law No. 7518, which entered into force after being published in the Official Gazette on 2 July 2024, amended the Capital Markets Law and introduced crypto-specific rules, definitions and a regulatory structure for crypto asset service providers. Secondary regulations published in March 2025 further developed establishment, operating, capital adequacy, internal control, risk management and technological infrastructure requirements for crypto asset service providers.
However, cryptocurrency fraud is not only a regulatory issue. In most cases, it is also a criminal law matter. Depending on the facts, crypto fraud may involve qualified fraud, unauthorized access to information systems, system interference, misuse of bank or credit cards, personal data offences, blackmail, money laundering and criminal organization allegations. The Council of Europe’s cybercrime profile for Turkey identifies Turkish Penal Code Articles 243, 244, 245 and 245/A as core cybercrime provisions and also refers to Article 158/1-f for computer and communications fraud.
This article explains cryptocurrency fraud and cybercrime in Turkey from a practical legal perspective. It focuses on criminal liability, victim remedies, evidence preservation, wallet tracing, exchange records, bank transfers, cybercrime complaints, compensation claims, corporate risks and defence strategies.
1. Legal Status of Crypto Assets in Turkey
Crypto assets are regulated in Turkey, but they are not treated as legal tender. The Central Bank’s 2021 regulation prohibits the direct or indirect use of crypto assets in payments and prohibits services involving the use of crypto assets directly or indirectly in payments. The regulation does not, by itself, prohibit investment or trading activity through crypto platforms, but it prevents crypto assets from being used as a payment method for goods and services.
Law No. 7518 brought crypto assets into Turkey’s capital markets framework by amending the Capital Markets Law. The new framework regulates crypto asset service providers, platforms, custody, transfers and related services. In practice, this means that crypto platforms and service providers operating in Turkey must consider CMB authorization, operating principles, technology infrastructure, internal systems, risk management and customer protection requirements.
This regulatory background is important in fraud cases. If a victim invested through an unlicensed or unauthorized platform, the case may involve not only criminal fraud but also regulatory violations. If the platform was operating in Turkey without proper authorization, this may strengthen the legal narrative that the victim was exposed to unlawful or misleading activity.
2. What Is Cryptocurrency Fraud?
Cryptocurrency fraud refers to deceptive conduct involving crypto assets, crypto exchanges, wallets, tokens, investment promises or blockchain-based transfers. The core element is deception. The offender misleads the victim and obtains unlawful benefit.
Common examples include:
Fake crypto investment websites promising guaranteed profits.
Telegram or WhatsApp groups offering unrealistic trading returns.
Romance scams where the victim is persuaded to buy crypto and transfer it to a wallet.
Fake exchange platforms showing artificial profits but refusing withdrawals.
Phishing websites that steal wallet seed phrases or exchange credentials.
Impersonation of crypto exchange customer support.
Fraudulent token sales or fake initial offerings.
Cloud mining scams with no real mining activity.
Ransomware demands in cryptocurrency.
Business e-mail compromise schemes converting stolen money into crypto.
Use of mule bank accounts to purchase crypto with fraud proceeds.
In Turkish criminal law, these schemes must be tied to specific legal provisions. “Crypto scam” is a practical description, but the court must identify the statutory offence: fraud, qualified fraud, unauthorized access, system interference, personal data crime, bank card misuse or laundering.
3. Qualified Fraud Through Information Systems
The most important criminal provision for crypto scams is often qualified fraud under Turkish Penal Code Article 158/1-f. This provision covers fraud committed by using information systems, banks or credit institutions as instruments. Crypto fraud frequently uses websites, mobile applications, online banking, fake dashboards, digital wallets, social media accounts and electronic payment channels.
Under Article 158, fraud committed through information systems, banks or credit institutions is punished more severely than simple fraud. Public legal summaries state that the minimum imprisonment for Article 158/1-f has been increased to four years and that the judicial fine cannot be less than twice the unlawful benefit in the relevant forms.
For example, if a fake crypto platform shows the victim artificial trading profits and convinces the victim to transfer money to buy crypto, Article 158/1-f may be relevant. If a fraudster uses a fake exchange website, fake mobile application or cloned platform to deceive the victim, the use of information systems becomes central.
A strong criminal complaint should clearly explain the deception. It should not only say “I lost crypto.” It should show how the victim was misled: fake profit screens, false statements, impersonation, withdrawal restrictions, fake tax demands, fake commission requests, manipulated platform balances or promises of guaranteed returns.
4. Fake Crypto Investment Platforms
Fake crypto investment platforms are among the most common forms of cryptocurrency fraud in Turkey. These platforms often look professional. They may have a website, mobile application, customer support account, trading dashboard, fake user reviews, fake company information and social media advertisements. The victim deposits money or crypto and is shown artificial profits. When the victim asks to withdraw, the platform demands extra payments such as tax, commission, account activation fee, withdrawal fee or anti-money-laundering verification fee.
This structure is typical of fraud. The platform is designed from the beginning to deceive. The displayed profits are not real. The withdrawal barrier is not a legitimate compliance procedure but part of the scheme. In Turkish law, this may constitute qualified fraud if the statutory elements are met.
Victims should preserve:
The website URL.
Screenshots of account balance and fake profits.
Deposit records.
Bank transfer receipts.
Wallet addresses.
Telegram, WhatsApp or e-mail messages.
Names and phone numbers used by “advisors.”
Withdrawal refusal messages.
Fake tax or commission demands.
Domain registration information if available.
In such cases, speed is crucial. Websites disappear, domains change, chats are deleted and crypto assets move quickly between wallets.
5. Phishing, Wallet Theft and Unauthorized Access
Many crypto fraud cases begin with phishing. The victim may receive a fake exchange login page, fake wallet update message, fake airdrop link, fake NFT minting page or fake customer support message. The victim enters a seed phrase, private key, password, SMS code or two-factor authentication code. The offender then transfers crypto assets from the wallet or exchange account.
This may involve several offences. If the offender unlawfully enters an exchange account, Turkish Penal Code Article 243 on unauthorized access to an information system may apply. If the offender transfers assets, changes account data, blocks access or manipulates the system, Article 244 on system interference and data transfer may also be relevant. Articles 243 and 244 are recognized as core cybercrime provisions in Turkey’s cybercrime framework.
In wallet theft cases, evidence may include transaction hashes, wallet addresses, exchange login alerts, IP records, phishing URLs, browser history, e-mail headers, SMS codes, device notifications and screenshots of unauthorized transfers.
Victims should not reset devices or delete messages before preserving evidence. If the wallet is non-custodial, blockchain transactions may be visible, but identifying the offender usually requires tracing the assets to an exchange or service provider that holds customer records.
6. Cryptocurrency and Money Laundering Risks
Crypto assets are frequently used to move or conceal proceeds from fraud, illegal betting, ransomware and other crimes. Turkish authorities have increased attention on crypto-related anti-money-laundering risks. In 2025, Turkish officials announced steps targeting laundering of proceeds from illegal betting and fraud through cryptocurrency transactions, including travel-rule-related measures, waiting periods for certain withdrawals and sanctions for non-compliant platforms.
For victims, this matters because fraud proceeds may move from a bank account into crypto and then through multiple wallets. For suspects, it matters because receiving, converting or transferring crypto assets connected to fraud may create serious criminal exposure if knowledge and intent are proven.
For crypto asset service providers, MASAK compliance is central. Service providers must manage customer identification, suspicious transaction reporting, transaction monitoring and transfer information obligations under AML rules. Failure to comply may create administrative and legal consequences.
7. Crypto Asset Service Providers and Regulatory Liability
The Capital Markets Board’s crypto framework is important for exchanges, custodians and platforms. Secondary regulations published in March 2025 regulate establishment and operating principles, capital adequacy, activities, information systems, outsourcing, internal control, internal audit and risk management for crypto asset service providers.
If a crypto platform is involved in a fraud dispute, several questions arise:
Was the platform authorized or operating under a transition framework?
Did it comply with CMB requirements?
Did it implement adequate customer verification?
Did it preserve transaction records?
Did it respond to suspicious activity?
Did it freeze suspicious assets when legally required?
Did it comply with MASAK obligations?
Did it mislead customers through advertisements or profit promises?
Did it misuse customer assets?
Not every investor loss creates platform liability. Crypto markets are volatile, and ordinary trading losses are not fraud. However, where a platform lies, manipulates balances, refuses withdrawals without lawful basis, misappropriates assets or operates without proper authorization, criminal and civil liability may arise.
8. Crypto Fraud vs. Ordinary Investment Loss
A key legal distinction is the difference between fraud and investment loss. Crypto assets are risky. Prices may collapse. Tokens may lose value. A trading strategy may fail. A platform may experience market volatility. These situations do not automatically create criminal fraud.
Fraud requires deception and unlawful benefit. The victim must be misled by fraudulent conduct. In a crypto context, fraud may exist where the offender lies about the platform, guarantees impossible returns, fabricates profits, hides the fact that no real trading exists, uses fake identities, prevents withdrawals through false excuses or operates a Ponzi scheme.
The complaint should therefore avoid presenting market loss as criminal fraud unless there is evidence of deception. The strongest complaints show concrete fraudulent acts: fake profit screens, false company claims, fake licenses, impersonation, manipulation of balances, repeated demands for additional payments and disappearance of the platform after deposits.
9. Ponzi Schemes and Pyramid Structures
Some crypto scams operate as Ponzi schemes. Early users may receive payments from later users, creating the illusion of profitability. Victims are encouraged to bring new investors. The platform may use words such as staking, mining, artificial intelligence trading, arbitrage, liquidity pool, passive income or guaranteed daily return.
A Ponzi structure may support qualified fraud allegations. If the organizers knowingly collect money under false promises and pay old investors with new deposits, the scheme is deceptive from the beginning. If multiple people act together, participation rules or criminal organization allegations may also be considered depending on the structure.
Evidence may include referral links, commission tables, group messages, promotional videos, fake profit statements, withdrawal histories, bank accounts, wallet addresses, organizers’ identities and communication records.
10. Ransomware and Crypto Payments
Ransomware cases often involve cryptocurrency because attackers demand payment in Bitcoin, Monero, USDT or other crypto assets. The attacker may encrypt company data, threaten to publish files or demand payment through a wallet address.
Under Turkish law, ransomware may involve:
Unauthorized access under Article 243.
System interference under Article 244.
Blackmail under Article 107.
Personal data offences if data is obtained or published.
KVKK breach notification if personal data is affected.
Money laundering issues if payments are transferred through crypto channels.
A company should not treat ransomware as only an IT issue. It should preserve evidence, assess criminal complaint strategy, review KVKK notification duties, evaluate cyber insurance, document the ransom demand and trace wallet addresses where possible.
11. Digital Evidence in Cryptocurrency Fraud Cases
Digital evidence is decisive in crypto fraud cases. Important evidence includes:
Bank transfer receipts.
Exchange deposit and withdrawal records.
Crypto wallet addresses.
Transaction hashes.
Screenshots of fake platforms.
Website URLs.
Domain registration data.
IP logs.
E-mail headers.
SMS messages.
WhatsApp and Telegram chats.
Social media advertisements.
Fake license documents.
Call records.
KYC documents submitted to platforms.
Device notifications.
Blockchain explorer records.
Screenshots of account balances and withdrawal refusals.
Victims should preserve original records, not only screenshots. For example, e-mails should be preserved with headers. Crypto transactions should be recorded with transaction hashes. Wallet addresses must be copied accurately. Chat messages should show phone numbers, usernames and dates.
12. Blockchain Tracing and Exchange Records
Blockchain transactions are often public, but public visibility does not automatically identify the offender. A wallet address may show where funds went, but not who controls the wallet. The strongest tracing results often occur when funds reach a centralized exchange, because exchanges may hold KYC information, IP logs, withdrawal records and linked bank accounts.
A criminal complaint should request:
Tracing of wallet addresses.
Identification of exchanges receiving funds.
Preservation of exchange records.
KYC and account information from relevant platforms.
IP logs and device information.
Bank account records connected to crypto purchases.
Freezing or seizure measures where legal conditions exist.
If the exchange is located abroad, mutual legal assistance or international cooperation may be necessary. Delay may make tracing harder because assets can move quickly through multiple wallets, bridges, mixers or decentralized protocols.
13. Bank Transfers and Money Mule Accounts
Many crypto scams begin with a bank transfer. The victim may send Turkish lira to an individual or company account, believing that the money will be invested in crypto. The recipient may then buy crypto and transfer it to the fraud organizer. In other cases, money mule accounts are used to receive fraud proceeds before conversion into crypto.
The bank account holder may be a direct participant or may claim to be deceived. The prosecution must examine intent, communications, commissions, withdrawal behaviour and connection with organizers.
For victims, bank records are crucial. They should preserve:
IBAN.
Account holder name.
Transfer date.
Amount.
Transfer description.
Messages instructing the transfer.
Any receipts or confirmations.
If funds remain in the account, urgent legal measures may increase recovery chances. If money is converted into crypto, tracing must continue through exchange and wallet records.
14. Criminal Complaint Strategy for Victims
A cryptocurrency fraud complaint in Turkey should be detailed and technical. It should explain the entire chain from first contact to loss.
A strong complaint should include:
How the victim met the suspect or platform.
The website, application or social media account used.
The investment promise.
All deposit and transfer dates.
Bank accounts and wallet addresses.
Screenshots of fake profits.
Withdrawal refusal messages.
Additional payment demands.
Names, phone numbers and usernames of suspects.
Transaction hashes.
Exchange account information.
Evidence of deception.
Legal qualification under Article 158 and relevant cybercrime provisions.
Requests for bank, exchange, platform, IP and wallet tracing records.
The complaint should also request urgent preservation of evidence because digital records may disappear. If the case involves a foreign exchange or foreign platform, the complaint should explain the need for international evidence requests.
15. Victim Remedies and Money Recovery
Victims of crypto fraud may pursue several remedies:
Criminal complaint.
Bank account investigation.
Crypto wallet tracing.
Exchange record requests.
Asset freezing or seizure where legally possible.
Civil compensation claim.
KVKK remedies if personal data was misused.
Law No. 5651 measures if fraudulent websites or private data are online.
Complaints to regulatory authorities where platform misconduct is involved.
Money recovery depends on speed, traceability and whether assets can be identified before dissipation. Recovery is easier if funds remain in a bank account or regulated platform. Recovery becomes harder if funds are moved through many wallets, mixers, decentralized exchanges or foreign platforms.
Victims should act immediately and avoid sending further money after being told that “tax,” “commission” or “unlocking fees” are required.
16. Civil Liability and Compensation Claims
Crypto fraud may create civil liability. Victims may seek compensation from direct perpetrators, platform operators, organizers, intermediaries, money mule account holders or responsible service providers depending on the facts.
Material damages may include:
Lost crypto assets.
Bank transfers made to fraudsters.
Additional fake tax or commission payments.
Legal expenses.
Forensic tracing costs.
Account recovery costs.
Business interruption losses in corporate cases.
Moral damages may be possible where the fraud also involves blackmail, identity theft, personal data exposure, reputational harm or psychological distress.
Civil claims require proof of unlawful conduct, damage and causation. A criminal file can support the civil case, but civil damages should still be documented carefully.
17. Corporate Victims of Crypto Cybercrime
Companies may be victims of crypto-related cybercrime in several ways. A company may lose funds through business e-mail compromise where money is converted into crypto. A ransomware attacker may demand crypto. An employee may divert corporate assets to crypto wallets. A fake supplier may request crypto payment. A platform may misappropriate customer assets.
Corporate response should include:
Immediate internal investigation.
Preservation of e-mails, headers and logs.
Bank notification.
Wallet tracing.
Criminal complaint.
KVKK assessment if personal data is involved.
Cyber insurance notification.
Review of employee access rights.
Vendor and payment control review.
Documentation of losses.
For companies, crypto incidents often reveal weaknesses in payment approval, cybersecurity, employee training and internal control systems.
18. Personal Data and Crypto Fraud
Crypto fraud often involves personal data. Fake platforms may collect identity documents, selfies, phone numbers, bank information, wallet addresses and passwords. If a Turkish company or platform processes personal data and that data is obtained unlawfully, KVKK obligations may arise.
The Personal Data Protection Board’s Decision No. 2019/10 requires data controllers to document personal data breaches and notify the Board without delay; it interprets “shortest time” in practice as no later than 72 hours after awareness.
If identity documents submitted to a fake crypto platform are later used for fraud, victims should consider both criminal complaint and data protection remedies. If a legitimate platform suffers a breach, affected users may have KVKK rights.
19. Law No. 5651 and Fraudulent Crypto Websites
Fake crypto websites, phishing pages and fraudulent advertisements may require urgent online remedies. Law No. 5651 may become relevant for content removal or access blocking depending on the legal basis and content type.
If the website is actively deceiving Turkish users, the criminal complaint should identify the URL and request preservation of hosting and domain records. Platform complaints, hosting provider notices and access-blocking strategies may be considered. However, access blocking does not automatically identify the offenders or recover funds; it should be used together with criminal and financial tracing measures.
20. Defence Strategies in Cryptocurrency Fraud Allegations
A person accused of cryptocurrency fraud may face serious consequences. Defence strategy should focus on the exact role, intent, benefit and evidence.
Possible defence arguments include:
The loss was market loss, not fraud.
The accused did not make false promises.
The accused did not control the platform or wallet.
The bank account was used by another person.
The accused was deceived as a money mule.
There is no evidence of criminal intent.
The accused only provided technical services without knowledge of fraud.
The complainant voluntarily made risky investments.
The alleged screenshots are incomplete or manipulated.
Wallet ownership is not proven.
IP records do not identify the accused.
Foreign platform records are incomplete or unauthenticated.
The legal classification is excessive.
In crypto cases, technical attribution is difficult. A wallet address alone does not prove who controlled it. A bank account connection may be relevant but not conclusive. The prosecution must prove knowing participation and unlawful benefit.
21. Practical Checklist for Victims
A victim of cryptocurrency fraud in Turkey should:
Stop sending additional funds immediately.
Preserve all messages and screenshots.
Save website URLs and platform account details.
Record wallet addresses accurately.
Save transaction hashes.
Preserve bank transfer receipts.
Keep e-mails with headers.
Identify phone numbers and usernames.
Take screenshots of withdrawal refusal messages.
Notify the bank quickly if bank transfers were made.
File a criminal complaint with technical evidence.
Request wallet tracing and exchange records.
Consider regulatory complaints if a platform is involved.
Secure e-mail, exchange and wallet accounts.
Change passwords and enable two-factor authentication.
Seek legal assistance before communicating further with suspects.
The first hours and days are critical because funds may move quickly.
22. Practical Checklist for Crypto Platforms
Crypto asset service providers operating in Turkey should maintain strong compliance systems:
CMB authorization and regulatory compliance.
Customer identification.
Suspicious transaction monitoring.
MASAK compliance.
Travel-rule procedures.
Internal audit and internal control.
Risk management.
Secure custody infrastructure.
Incident response plan.
Log retention.
Customer complaint procedures.
Fraud detection tools.
Cybersecurity controls.
Employee training.
Cooperation with lawful requests.
The 2025 secondary regulations show that Turkish crypto regulation is moving toward a more institutionalized model with stronger operational, technological and governance expectations for crypto asset service providers.
Conclusion
Cryptocurrency fraud and cybercrime in Turkey require a careful legal strategy combining criminal law, financial tracing, digital evidence, crypto regulation, data protection and civil remedies. Crypto assets are regulated in Turkey, but they are not permitted as a payment method under the Central Bank’s 2021 regulation. Law No. 7518 and the 2025 secondary regulations have introduced a more detailed regulatory framework for crypto asset service providers, platforms and related services.
For victims, the most important steps are fast evidence preservation, criminal complaint, bank and wallet tracing, exchange record requests and avoidance of further payments. For companies, crypto-related incidents may require cybersecurity response, KVKK assessment, internal investigation and regulatory review. For suspects and defendants, the key issues are intent, wallet control, digital attribution, market-risk distinction, role in the alleged scheme and reliability of evidence.
Crypto fraud is legally complex because blockchain transactions may be visible but identity may be hidden. Turkish law provides criminal, civil, regulatory and data protection remedies, but effective results depend on speed, technical precision and correct legal classification. In a cryptocurrency fraud case, the strongest legal strategy is evidence-focused, time-sensitive and coordinated across criminal investigation, asset tracing and regulatory compliance.
Yanıt yok