PARIS, October 27 (Benin News / EP) –
A group of researchers analyzed a new attack, dubbed the Pig bucheringwhich involves encouraging victims to invest in cryptocurrencies once they have gained their trust by using the same strategy as in love scams.
The Web site Romantic scam o romantic scam is a social engineering attack that tricks another person into believing that there is an “online” romantic relationship between the two of you. To do this, the attacker create a fake profile by stealing photos other real people, and once they know the victim thinks they are in love, they convince them to make bank transfers.
The main difference between “Romance Scam” and “Pig Buchering” – which translates to “pig slaughter” – is that, in the latter case, the scammers abuse the trust of the victims. to encourage them to invest in cryptocurrencies.
Of Chinese origin, this “online” crime has managed to position itself as one of the EU’s main attacks. social engineering in non-English speaking countries. So much so that last April the United States Federal Bureau of Investigation (FBI) issued a notice that was becoming increasingly popular.
In fact, according to data collected by the Global Anti Scamming Organization (GASO), the victims lose about $ 122,000 (about 121,000 euros) on average thanks to these scams. In addition, two thirds of those affected are women between the ages of 25 and 44.
Cyber security firm Proofpoint has conducted an investigation to find out how these cybercriminals operate and how far they can go with these online scams.
First, the threat start with a conversation with a strange person on social media, who contacts victims claiming to have changed their phone number, among other excuses.
Once you get a response from that contact, they are very enthusiastic and starts sending photos of where they are or what they are eating, to give some reality to a seemingly harmless conversation.
Over time, attackers claim to have a godfatherusually a friend or relative, who has introduced them to pleasures such as travel and other projects. After this more intimate contact, they suggest continuing the conversation on messaging platforms like Telegram or WhatsApp for more privacy.
Once they have received the phone of their victims, they can send suggestive selfies and encourage victims to participate in this media sharing. Scammers can also refer to a friendly relationship to keep in touch.
After this second step, they mention their mentor again as a solution to all their financial problems, and they convince their victims to talk to him and find a way to make money quickly and easily.
This is where the other malicious actor comes in, even though it could be the same person who initiated the scam. This user sends the victim technical documents related to the cryptocurrency investment and offers to help create a Coinbase or Crypto account.
This type of mentoring is usually done in a chat group, usually WhatsApp, Discord, or Telegram, which also includes other people who would have benefited from investing in cryptocurrencies. Also, the “mentor” shares tips on cryptocurrencies to give more credibility to the scam..
As the Proofpoint researchers found, once victims reveal their phone number, they start receiving indiscriminate invitations to private groups related to cryptocurrency trading.
This would indicate that cybercriminals share victim lists at random, regardless of how those victims are distributed among their groups.
Finally they are all redirected to the website or a fraudulent mobile application. The scammers then encourage them to purchase a small amount of cryptocurrency, usually from Coinbase.com or Crypto.com.
They are then asked to submit a screenshot of the investments and are encouraged to spend an amount less than 1,000 for a certain period of time. He is then informed that whoever makes these transactions will receive a corresponding reward of 10-20% of the money spent.
As time goes by, forwards require larger volume transfers, which theoretically inflates their digital wallets, when in reality they are just losing money on these moves.
If at some point victims refuse to continue investing for lack of funds, the scammers even encourage them to take out loans, refinance their homes, or sell the shares they own.
Furthermore, the duped people do not seem to have the right to withdraw all the money left over, as do the actors of the threats. explain to them that they can only withdraw a small amount of money. citing issues such as taxes or international law.
Finally, they are threatened share their photos or previously sent videos or report them for tax evasion in case they do not intend to continue financial transactions. After all the money is withdrawn, the fake website and its domain are finally closed, in order to create another website for new victims.