New pig butchering scam looks to lure in victims with fake gold

(Image credit: Gustavo Frazao / Shutterstock)

Cybersecurity researchers from Sophos have a new cyber scam that looks to lure in victims with the promise of lucrative gold returns.

The two new "pig butchering" campaigns, which are elaborate fraud scams that can last for months, saw the attackers impersonate a wealthy, attractive female on social media, and approach potential “pigs” (victims). 

After some back-and-forth, the attackers would try and convince the victims to invest in a cryptocurrency platform, promising riches and wealth. The platform is actually fake and all of the “invested” money actually ends up on the accounts of the attackers.

Going after the whole hog

What makes these new campaigns stand out is that the crooks are looking to diversify their portfolio. Usually, they would try and steal people’s cryptocurrency, mostly because it’s easier to steal and harder for law enforcement to confiscate and return. 

However, the crooks were now observed moving into precious metals, as well. Of the two campaigns, one is based in Hong Kong and involves a fake gold trading marketplace. The other one is based in Cambodia and involves stealing people’s cryptocurrency. Apparently, they managed to rake in $500,000 in just a month.

“Since the start of the pandemic, this type of cyberfraud has massively expanded,” commented Sophos’ Sean Gallagher, principal threat researcher. 

“These scammers are now targeting people on all major social media platforms or even direct message, and they’re not limiting themselves to just exploiting crypto but also gold and other forms of currency or trading value. They’re quite literally going after the whole hog.”

According to Gallagher, the attackers were “less polished” in terms of social engineering, meaning they weren’t as convincing as some other threat actors. Technically, however, they were more sophisticated, as they used an elaborate combination of “highly effective SEO”, polished scam landing pages, and a pirated version of a legitimate trading app with additional malicious code.

They were also active in updating the scam infrastructure, to make sure they remain operational.

As usual, the best way to protect against these threats is to use common sense. If something’s too good to be true, it probably is. And when a beautiful woman approaches you on LinkedIn with an investment opportunity, be very, very sceptical. 

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.