According to Slowfog Chief Information Security Officer@im23pdsX Platform, a cryptocurrency user suffered a "Withdrawal of Captcha" scam and lost as much as US$1.1 million. The scam method is that the victim receives a text message disguised as a trading platform, claiming that someone has applied for a cash withdrawal Captcha and provides a telephone number for contact. After the victim called back, the scammer claimed that there was a security vulnerability in the system and security restrictions needed to be implemented. Subsequently, another scammer pretended to be an employee of Ledger and called the victim to visit the phishing website on the grounds of resolving security issues, which eventually led to the theft of assets. This case reminds cryptocurrency users to be vigilant, not to trust text messages and phone calls of unknown origin, beware of phishing websites, and protect the security of personal assets.