Pig butchering scams: The anatomy of a fast‑growing threat

Cyber Security

How fraudsters groom their marks and move in for the kill using tricks from the playbooks of romance and investment scammers

Sometimes you have to say things that go without saying: Social media and instant messaging have made staying in touch with friends easier than ever. These days, you’re never too far away from people within your social circle – as well as just about everybody else on the planet. What’s more, you don’t need to guess which time is best suited for a call anymore, as messaging can be more convenient and quieter.

But this hyper-connectedness cuts both ways. You have the world at your fingertips, but so does everybody else. With the old lines of separation all but gone, you’re never out of reach either – and for almost anybody. And while striking up new conversations online can be exciting, scammers of all stripes have also taken notice. These days, they can just as easily knock at your virtual door, using increasingly devious techniques to bilk you out of your money.

Pig butchering: the tricks of the trade

Surely you’re familiar with cold calling, the age-old method that often involves blatant sales pitches ‘out of the gate’. The same term also extends to emails and messaging; as such, this kind of prospect outreach can be used for both legitimate and nefarious goals.

In some flavors of online fraud, cold contacting yields higher dividends when using less intrusive, but all the more sophisticated techniques. In many cases, these schemes may often start with something as benign as a message ostensibly sent to you by mistake. But the message, sent “by mistake”, masks a stark reality.

Lately, there has been a rise in scams that cold message people and build up rapport with them, only to trick them later. This scam is called pig butchering, and it has a very apt name, as it derives from farmers fattening up a pig before slaughter with the goal of reaping lots of meat. In our digital sense, this “meat” would be, you guessed it, money.

Example of outreach tactics used also by pig butchering scammers

Monetary slaughter

Pig butchering relies on a combination of apps, websites, web hosts, and humans – in increasingly many cases, human trafficking victims – to build trust with a random person over a period of weeks or months, often under the guise of a romantic interest. As such, this con is not an entirely new genre of fraud, as it borrows from the playbooks of tried-and-tested types of fraud such as romance fraud before putting an investment spin on it and wrapping it all up in prospects of (crypto) riches.

Indeed, the wholly online discussion will eventually turn to investment opportunities, usually involving cryptocurrency, that the scammer claims to have earned huge returns on. The victim is then invited to participate – and often duly proceeds, perhaps driven by a fear of missing out on the next big opportunity. Indeed, who hasn’t at least heard of somebody who made a killing after dabbling in crypto?

Going in for the kill

Once a victim deposits money, scammers will initially enable them to make withdrawals; then they eventually lock down the account and claim that they need a deposit of some percentage of their investor’s balance in order to return access. Even when the deposit is paid, the money isn’t returned, and the scammers invent new reasons the victim should send more money.

It might sound far-fetched to some: How could anyone initiate such a close relationship with a random person who messaged them out of the blue? However, since most of us have heard of or can easily imagine how online dating is also rife with scams, it is not unbelievable that people fall for such tricks.

Romance, also known as dating scams cost their victims a whopping US$1.3 billion in 2022, according to the latest numbers from the US Federal Trade Commission. Almost 70,000 people reported falling victim to dating scammers, with a median reported loss of US$4,400. One particular victim lost as much as US$2.5 million from being deceived into crypto investments. It’s also safe to say that this still doesn’t capture the magnitude of the problem, with many victims not coming forward because they feel embarrassed.

Industrial-scale global scams

If one person can get deceived into dumping thousands dollars into this type of scam, the returns from such an operation with multiple victims must be massive. Indeed, in 2021 alone, US$429 million was lost to pig butchering scams. We are talking about scams on an industrial scale, employing thousands of people for a pittance or no money at all. The situation has become so dire that both the EU and the US have started to increase their focus on this area, both investigating and prosecuting people suspected of propagating the scams.

What’s worse, with machine online translators reaching a level of quality where they can easily help in creating convincing scams in a variety of languages. Coupled with the advent of new machine-learning-powered chatbots such as ChatGPT, scammers can generate even more persuasive messages, and at a higher tempo than ever before, perhaps opening the doors to even more global operations.

Staying safe from pig butchers

Apart from reading this article, our advice to you to help filter out this issue would be very similar to the one related to the social engineering aspects of other scams, with the addition that the emotionally manipulative side of pig butchering is far higher. Most importantly:

  • Be wary of unsolicited messages, including those that you apparently receive “by mistake”.
  • Be skeptical – even if you do reply to such messages, don’t trust anyone you’ve just met online just because they seem likeable.
  • Don’t discuss your financial situation with unknown people online and be especially cautious about unsolicited investment advice.

Still, some additional advice may be useful. The FBI shared the following characteristics of pig butchering scams that should be considered red flags:

  • You are contacted by a long-lost contact or a stranger on social media.
  • The URL of the investment platform doesn’t match the official website of a popular cryptocurrency market/exchange but is very similar (typosquatting).
  • The investment app you have downloaded generates warnings of being “untrusted” when launched on Windows, or your antimalware software marks it as potentially dangerous.
  • The investment opportunity sounds too good to be true.

Products You May Like

Articles You May Like

Threat intelligence explained | Unlocked 403: A cybersecurity podcast
Third-Party ChatGPT Plugins Could Lead to Account Takeovers
How to share sensitive files securely online
Moldovan Behind E-Root Marketplace Gets US Federal Prison Term
NIST National Vulnerability Database Disruption Sees CVE Enrichment on Hold

Leave a Reply

Your email address will not be published. Required fields are marked *