Pig butchering: Proving the Luddites right

Pig-butchering may be proving the Luddites were right. The social-engineering scam bypassed ransomware as the most profitable cybercrime approximately two years ago. After government regulations and law enforcement took a big bite out of returns for ransomware this past year, public-private partnerships are taking aim at the new champ.

TL;DR

• Pig butchering eclipses losses from ransomware
• Top targets are tech savvy people under 50
• Human error trumps cyber awareness
• Public/private partnerships making inroads at dismantling scam operations
• Tips to avoid scams
• Podcast with Arkose CEO

Between 2020 and 20023, scammers reaped more than $75 billion from victims around the world. Approximately 90 percent of the losses came from of purchasing fraudulent cryptocurrency, according to the US Treasury Department’s, Financial Crimes Enforcement Center. In comparison, ransomware attacks in that same period harvested $20 billion worldwide in ransoms and cost approximately another $20 billion in recovery costs.

Many cybercrimes go unreported but because of various reasons, but government regulations on ransomware force many companies to report meaning one in three successful attacks may be unreported and are not counted in estimated losses. However, there are no regulations requiring pig-butchering victims to report the crime and, as a result, law enforcement sources estimate only one in three victims report losses. That means total losses to ransomware could total more than $50 billion, while pig-butchering could cost around $225 billion and growing almost exponentially.

Who is the target

The Luddite movement in the 19th century is generally derided as a group of people opposed to all technological advances. In reality, they saw many of the downsides that tech developers refused to accept. They argued vociferously and violently in favor of slowing development

The Luddite argument is still with us but the adherents are less vociferous and at blissfully ignorant of digital trends like social media, cryptocurrency, and the cashless society. That group is almost totally made up of people over the age of 50. Studies show tech-savvy people under 50 people are most vulnerable to all forms of cybercrime, but pig butchering is the most profitable way of separating those people from their money.

The scammers target people with high-net wealth and a desire to hide revenue from the government. These victims tend to be politically conservative and distrustful of legitimate banking systems. But more see they consider themselves adept at social media and the security issues of digital technology, which gives them false confidence.

Twingate study

A study by TwinGate in 2022 found that in that year, people over 50 had been scammed out of $1.7 billion, based on reports to the FBI. But people under 50 had lost $2.7 billion. The study showed that the forms of the scams changed according to age.

Victims over 50 were more susceptible to traditional romance scams and predatory telemarketing, the study showed. Under 50, however, were much more vulnerable to scams involving innovative investment schemes, like cryptocurrency.

The TwinGate report said, “When you consider the history of the digital world, it really isn’t until you get to the early tip of the 40-49 range that you begin to see people who grew up with the internet as a component part of their lives from an early age.” So just having a high net worth doesn’t mean you are the prime target for pig butchering. You also need a belief in your own invincibility.

Some wealthy, tech-savvy people may feel that they are more protected against cybercrime than the average person. They often have the financial means to invest in advanced cybersecurity tools, such as encrypted devices, VPNs, and personal security experts. That may give them a sense of immunity. They may also understand the need for practices like using strong passwords, enabling two-factor authentication, and recognizing phishing attempts.

Tech not a savior

People who believe they understand technology well might think they are less likely to fall for scams. That belief could make them more vulnerable to sophisticated attacks designed to bypass common security measure. Wealthy individuals, even if they are tech-savvy, are often more attractive targets for cybercriminals. Cybercriminals might put in the extra effort to launch highly personalized and advanced attacks, like spear phishing or ransomware that can compromise even well-protected systems.

In August, the CEO of Heartland Tri-State Bank in Kansas received a 24-year sentence after embezzling $47.1 million from the bank into a pig butchering scam, routing the funds to scammers’ crypto accounts, causing the bank to collapse.

Gizmodo last week reported several hundred Truth Social subscribers reported losing hundreds of thousands of dollars to scammers. They flooded the victims with private messages pushing cryptocurrency investment schemes. Once they lost the money, a business run by the same criminals, contacted them with the claim they could recover their money, for a fee. One person paid $170,000 to get their initial lost back and lost that money as well. “Truth Social seems to be a target-rich environment for people who are easy to con,” reporter Matt Novak wrote.

Cyber Protection Magazine receives several comments on our content from these criminal organizations pushing cryptocurrency recovery services. Because we moderate all comments we do not publish them and remove them from our server.

Defenses rising

According to several experts, defending against these social engineering crimes is difficult because human error is the primary weakness in all of them. Naive victims with bad security practices are generally to blame for all the successful attacks. Governments in partnership with private security providers are cracking down on the headwaters of this particular crime — data brokers.

One of the vendors is Arkose Labs, a security research company. Arkose partners with its clients, including Amazon, Microsoft and OpenAI, to identify and litigate against data brokers selling private identity information (PII) stolen from those clients. “We find that 95% of attacks on the internet are being done by providers of software that you can purchase to use to make the attacks,” said Arkose CEO Kevin Gottchalk.

The data providers are primarily based in southeast Asia and have legal immunity from prosecution, but not from civil actions. Arkose has successfully litigated against two of the nine major groups this year alone. Gottschalk claimed China’s government has put the screws to organizations in their borders curtailing much of the activity there. Thailand, Vietnam and Cambodia are still hotbeds for pig-butchering operations.

Disincentives

“We can stop them making money, and we can make them think that they actually might go to jail. That changes the game quite a lot when it comes to who is actually willing to do these kind of attacks.” Gottschalk explained.

Many of the operations started out as casinos that opened just before the pandemic hit. That cut into their revenues quickly, so the pivoted to building out call centers in the facilities, turning them into fortresses and then tricking workers into coming on board as technicians. The organzations took take their passports taken and keep them imprisoned until they earn enough to get their freedom. That outcome rarely happens. They are trained in how to build relationships over a long period of time.

Personal responsibility

The best way to defend against this kind of scam is the maintain a healthy dose of skepticism.

According to FBI numbers, half of all cryptocurrency transactions are for criminal enterprises, including these kind of scams. An offer to participate in a new form of cryptocurrency should be your first red flag. Next, if you cannot meet the person you are dealing with face to face, assume they do not have your best interests at heart.

The exchange you currently use for storing your deposits should be able to handle any new currency. If you have to transfer the wallet to a different exchange, that should tell you it is probably a scam.

Any new currency should have public information about them that allows new subscribers to see who they are dealing with. Even seemingly legitimate cryptocurrencies have issues. For example, the Trump family is about to launch a new currency managed by two men that have very shady business backgrounds. One describes himself as “the dirtbag of the internet” and “that regulators should “kick s***heads like me out.”

Finally, if you find yourself in the middle of a scam, it is likely your money is unrecoverable. Don’t send them more.