Pig butchering: A day in the life of a cyberfraud fighter | #whatsapp | #lovescams | #phonescams

Fighting cyberfraud and helping to make the internet a safer place is a passion of mine. I’ve helped create solutions at Square and Facebook to protect users from malicious activity and I currently research and advise clients about emerging threats. In late 2021, I turned my focus to understanding a new technique used by fraudsters, one that combines the emotional manipulation of romance scams with the lure of crypto investing. It’s commonly referred to as “pig butchering.” 

I thought I had seen it all…

During a routine customer meeting, one of Sift’s dating app clients flagged a specific type of suspicious behavior — pig butchering — they were noticing on their platform. As an occasional dating app user myself, I immediately noticed that these types of accounts were prevalent across other dating apps, and took this as an opportunity to investigate. I rolled up my sleeves and signed up for every major dating app under a pseudonym to understand the anatomy of the scam.  

To my surprise, I uncovered an elaborate and increasingly common type of romance scam targeting dating app users. In this scam, the targets are referred to as “pigs” being prepared for slaughter — they’re raised for a juicy profit under the promise of a happy ending and big crypto wins. But ultimately, the scammer runs off with the victim’s money.  

I found that all the fraudulent accounts are similar in the fact that they’re profiles pretending to be successful businesspeople. They often talk about financial freedom and wanting to retire early to travel the world with their families. The fraudsters show off a luxurious lifestyle and model-esque photos and include irrelevant answers to the app’s question prompts. They message unsuspecting users, then try to push the conversation off the app and onto an encrypted messaging platform, like WhatsApp, as quickly as possible. This allows them to maintain their anonymity and evade detection by any particular platform. 

Once the conversation is in a secure, unmonitored channel, the fraudster lures the victim into making investments in a fake crypto platform, controlled by the scammer, eventually allowing the scammer to make off with all the money “invested.” 

Cyberfraud: Going undercover with a pig butcher

After learning about the sophistication and cruelty of the scam, and how it could potentially impact the nearly 50 million Americans who use dating apps, I wanted to know more so I could better understand how to protect businesses and consumers. And, I thought, what better way to get an inside look than to set myself up undercover as a guinea pig?

Once I connected with a scammer’s profile, they immediately started “love bombing” me with repeated flattering and romantic messages. I knew this was a way to earn my trust quickly, so I continued to play along.

After they felt they’d built enough trust with me, the fraudster suggested we continue our conversation on WhatsApp. I complied and after less than two days, they initiated talk about money. At first, the fraudster started to tout his crypto wins and bragged about how much he’d made investing. He followed it up by promising to teach me about crypto investing, so I wouldn’t miss the opportunity to make extra cash. I didn’t want to blow my cover, so I initially acted hesitant, at which point they began to use psychological tactics to manipulate me into investing with urgency. 

It was at this point in our conversation that I “acquiesced” and he taught me how to create an account on a legitimate crypto exchange. Once I was set up, the scammer claimed to know of a better exchange for trading and sent me a link to a new platform. This new platform had zero presence on search engines and app stores, and the domain registrant information was made private. This phony trading site mimics a real crypto trading exchange, showing accurate real-time values of cryptocurrencies, to seem credible.

I put $100 worth of Tether (USDT) into the fake exchange, and almost instantly, I started to see the earnings come in. I suspected that this was because the scammer controlled the returns displayed on the trading exchange, and was further trying to earn my trust by showing gains. I played along to show my confidence in the platform and was pushed to invest larger amounts of money. Throughout this period, the scammer continued to entice me with phrases like “don’t miss out” and “don’t give up” to try to get me to put more money into their exchange. 

Having established an understanding of this scam, I knew that the cyber con would continue to try to drain me of more money. With no need to further “invest” with the fraudsters, and with his patience running short, I decided to confirm whether my hypothesis that this was a scam was true.

Using publicly available tools that track blockchain transactions, I was able to track the history of the account that was associated with me. To my surprise, “my account” had seen a total of $130,000, which confirmed that I wasn’t the only victim this fraudster was targeting.  

Combatting sophisticated cyberfraud

Today, 22% of consumers who encounter crypto scams lose money, and that number is only going to rise as these scams continue to proliferate. After uncovering the inner workings of pig butchering, I began working closely with Sift’s dating app customers to detect fraudulent accounts and shut them down before they ensnare more victims.

After witnessing this scam I’d urge consumers to remember these tips:  

• Take things slow: If you’re talking with someone on an app and they immediately try to take you off the platform, it’s a sign they could be a fraudster. Don’t comply. Instead, push back and say that you’re more comfortable chatting longer on the app.

• Money can’t buy love: If something looks too good to be true, it probably is, and if it were that easy to become mega-rich, then we would all be. Always conduct background research before investing in anything.
• Use reputable investing platforms: Not only do legitimate crypto exchanges provide higher security measures, but in the event your account gets hacked, it will be much easier to address issues with the exchange. When evaluating the trustworthiness of a crypto trading platform, make sure you verify that the platform has an online presence on a trusted app store and/or search engine.
• It’s not only on the consumer: Businesses have a responsibility to educate users and the public about cyberfraud and online threats. If a business is seeing a rise in a certain kind of scam, it’s the business’s responsibility to warn its customers. This will help reduce the number of individuals that fall victim to these scams.

Whether you’re a dating app user, a crypto investor or even a cyberfraud researcher, there’s no way to avoid scams entirely. That’s why we as a community — businesses and cyberfraud fighters — need to come together to use the tools at our collective disposal to stop fraudsters from appearing on dating apps in the first place. 

Jane Lee is a Trust and Safety Architect at Sift.