Iran Fraudsters Demand Bitcoin and USDT for ‘Safe Passage’ Through Strait of Hormuz – Report
Scammers posing as Iranian government officials are allegedly attempting to extort shipping companies for cryptocurrency payments in exchange for “guaranteed” transit through one of the world’s most sensitive maritime chokepoints, the Strait of Hormuz.
According to Greek maritime risk consultancy MARISKS, which flagged the scheme in comments shared with Reuters, unknown actors have been contacting shipping firms and pretending to represent Iranian authorities. The messages demand that ship owners and operators pay in Bitcoin or Tether’s USDT stablecoin to obtain supposed clearance to sail safely through the strategic waterway.
The communications reportedly claim that vessels must first submit documentation for review by Iranian security services. Only after this fictitious vetting process, the fraudsters say, will a specific fee be calculated and requested in crypto. The promise: once the payment is made in BTC or USDT, the ship will be allowed to pass through the strait at a predetermined time without interference.
In one version of the message cited in reports, the impostors tell companies that, after reviewing the submitted paperwork and “confirming eligibility” with Iranian security agencies, they will issue a mandatory charge to be settled exclusively in cryptocurrency. Payment, they assert, is a prerequisite for the vessel to cross the Strait of Hormuz “without obstacles and at the previously agreed transit time.”
The scheme is emerging as tensions in the region remain elevated, with the broader Iran-United States confrontation entering its third month. The Strait of Hormuz, which connects the Persian Gulf with the Gulf of Oman and the Arabian Sea, is a critical corridor for global energy supplies and a frequent focal point of geopolitical friction. Periodic military incidents and ship seizures have already heightened anxiety among shipowners and insurers; the appearance of crypto-themed extortion adds a new layer of risk.
Unlike traditional port charges, pilotage fees or canal tolls, which are clearly codified and typically paid through established banking channels or authorized agents, these demands are ad hoc, opaque, and routed through untraceable or hard-to-recover payment rails. The insistence on Bitcoin and USDT is a key red flag, experts say: neither are standard instruments for legitimate government maritime fees.
For scammers, however, cryptocurrencies offer several advantages. Bitcoin payments are irreversible and can be moved quickly through a network of wallets, while USDT provides the stability of a dollar-pegged asset without relying on the conventional banking system. Together, they give fraudsters a way to receive value from victims without exposing easily frozen bank accounts or disclosing verifiable identities.
The choice of target is also calculated. Commercial vessels facing delays near Hormuz can incur hefty costs from idle time, route deviations, rising insurance premiums, and contractual penalties. Under pressure to keep cargo moving and crews safe, some operators might be tempted to pay a suspicious invoice if it appears to come from a credible authority in a dangerous region-especially in the fog of an ongoing conflict.
MARISKS’ warning suggests that the messages are crafted with a veneer of officialdom, often referencing Iranian security bodies and using formal bureaucratic language. By invoking “security assessments” and “eligibility checks,” the criminals attempt to mimic real-world processes that shipping firms routinely encounter when dealing with coastal states and port authorities.
Industry specialists caution that genuine Iranian maritime authorities do not require clearance fees in cryptocurrency and that any such demand should be treated as an attempted fraud. Legitimate transit rules for the Strait of Hormuz are governed by international maritime law and established bilateral or multilateral arrangements-not by ad hoc crypto invoices sent via email or messaging apps.
The scam underscores a broader trend: cybercriminals are increasingly exploiting geopolitical hotspots and commercial chokepoints to target global logistics networks. In recent years, shipping companies have contended with phishing campaigns spoofing port officials, ransomware attacks on logistics IT systems, and fraudulent instructions to divert freight payments. The Hormuz crypto-extortion plot appears to be the latest iteration of this pattern, adapted to a conflict zone and turbocharged by digital assets.
For shipowners and charterers, the incident highlights the need for rigorous verification procedures when receiving any request that purports to come from a government or military body. Best practices include cross-checking contact details against known official channels, verifying with local agents or embassies, and consulting internal legal and security teams before sending any funds. Any demand that insists on Bitcoin or USDT, particularly under vague threats or promises of “protection,” should trigger immediate suspicion.
Insurers and P&I clubs are also likely to pay close attention to such cases. Paying fraudulent “transit fees” not only rewards criminal activity but can also complicate claims if an incident occurs subsequently, especially if the payment could be interpreted as facilitating illicit conduct. Some maritime risk policies may require that suspicious financial demands be reported and investigated before any funds are transferred.
From a compliance perspective, shipping companies must also be aware that sending funds-crypto or otherwise-to unknown actors who claim to represent sanctioned states or entities can create serious legal exposure. Even if the demand is fraudulent, a misdirected payment could potentially end up in wallets controlled by individuals or organizations subject to international sanctions, raising the risk of regulatory scrutiny or penalties.
The use of stablecoins like USDT in such schemes reflects their growing presence in cross-border finance, both legitimate and illicit. While stablecoins can simplify payments in regions with unstable banking systems or capital controls, they also allow criminals to request dollar-like value without interacting with traditional banks. This dual-use dynamic is prompting renewed calls for clearer oversight and improved transaction monitoring within the stablecoin ecosystem.
Shipping security advisors note that conflicts and crisis zones are fertile ground for social engineering attacks. When navigation routes are under threat, military patrols are active, and news headlines are dominated by incidents at sea, fraudulent messages referencing the same events become more believable. Companies operating in or near the Strait of Hormuz are therefore urged to train crews and shore staff to recognize and escalate suspicious communications rather than reacting in haste.
In practice, legitimate maritime directives are rarely issued spontaneously to foreign shipowners via generic email addresses or unsecured messaging accounts. They typically come through established governmental portals, official notices to mariners, or direct communications with verified agents. Any break from these patterns-combined with a demand for crypto-should be considered an immediate warning sign.
The incident also reveals how quickly criminal actors adapt to new payment technologies. As awareness of traditional bank-transfer fraud has grown and controls have tightened, scammers have pivoted to digital assets, exploiting their speed and global reach. The maritime sector, with its complex cross-border operations and time-sensitive decisions, is an attractive target for these evolving tactics.
Going forward, industry observers expect more concerted efforts to share intelligence about such schemes among shipowners, security firms, and regulators. The faster fraudulent communication templates, wallet addresses, and associated threat indicators are circulated within the sector, the harder it becomes for a single attack pattern to succeed repeatedly.
While the full scale of the Hormuz crypto-extortion attempts remains unclear, the message to the shipping industry is unambiguous: there is no legitimate requirement to pay Bitcoin or USDT to secure safe passage through the Strait of Hormuz. Any such demand should be treated as a scam, escalated to security teams, and, where appropriate, reported to relevant authorities.
Until geopolitical tensions ease and maritime routes in the region stabilize, operators are expected to maintain heightened vigilance-not only for physical threats from state or non-state actors, but also for digital frauds that exploit the same climate of fear and uncertainty to extract value in cryptocurrency.