Bitcoin Magazine Casa Launches Four Security Features to Combat Rising Social Engineering Attacks on Bitcoin Holders

Bitcoin security firm Casa has released a suite of four features targeting social engineering, the attack vector responsible for the bulk of crypto theft in 2025. The features are live now for Casa customers, arriving as the FBI reports crypto fraud losses climbed 22% year over year to more than $11 billion last year.

Social engineering — where scammers manipulate victims into sending funds or handing over wallet access — now dwarfs other forms of crypto theft. For every physical attack on a crypto holder reported in 2025, there were more than 2,000 phishing attacks filed with the FBI. 

Casa CEO Nick Neuman said the firm treats attacks on its clients as a direct challenge. “Social engineering is the lowest of the low,” Neuman wrote. “People are trying to trick others into losing their life savings. We will not stand for it.”

Guardian Mode

The first feature, Guardian Mode, adds a human checkpoint to every transaction. When enabled, the Casa Recovery Key will not sign a transaction until two Casa Advisors complete a live video verification call with the account holder. 

After that call, a 48-hour hold activates before the signature is applied. The window gives users the ability to reverse course if they acted under pressure. Disabling Guardian Mode follows the same process — a verification call plus a 48-hour delay — so an attacker cannot strip the protection and strike in the same session. 

Guardian Mode is opt-in and available to Premium and Private Client members.

Whitelisting Addresses

Whitelisting restricts vault withdrawals to a list of pre-approved addresses. Any new address added to the list enters a 48-hour waiting period before it becomes active. During that window, Casa sends an email alert to the account holder. 

The delay is designed to interrupt a core element of social engineering: the manufactured urgency that pushes victims to send funds before they reconsider. Turning off Whitelisting carries its own 48-hour hold, preventing an attacker from disabling the feature and draining funds in a single move.

Suspicious Account Activity

The third feature monitors login locations and flags sessions that are physically impossible given the timing of prior logins. Casa records city-level location data at sign-in but does not store IP addresses; location data is deleted after 48 hours. If a login from Tokyo follows a login from Montreal by 20 minutes, the system sends an email alert. 

The feature is built to catch unauthorized account access without building a surveillance profile on the user.

Phone Call Detection

The fourth feature addresses the role phone calls play in social engineering. Casa found that 20% of such attacks begin with an unexpected call, where the attacker uses real-time conversation to manufacture urgency and override the victim’s judgment. 

The Casa app now detects an active phone call on the device and, when a user attempts to send funds mid-call, requires them to enter a Casa Advisor Verification Code before the transaction proceeds. 

A legitimate Casa advisor will have the code. The app checks call state only and does not access audio, caller ID, or call content.

Casa said the features are part of a broader five-week campaign with industry experts to raise awareness about social engineering. AI tools and data breaches, the company noted, have made these attacks more targeted and convincing than before.

This post Casa Launches Four Security Features to Combat Rising Social Engineering Attacks on Bitcoin Holders first appeared on Bitcoin Magazine and is written by Micah Zimmerman.