The $3B Cybercrime Threat Overtaking BEC

The B Cybercrime Threat Overtaking BEC

Pig killing is an annoyingly named, rising investment scam that uses a potent mix of the promise of love and the lure of making easy cryptocurrency millions against its unsuspecting targets.

Through the careful process of “fostering” low-income victims with cryptocurrency deals and personal interactions, there is often an element of romance, all of which is meant to convince them to invest heavily. If successful, as they often are, threat actors are able to make off with the “whole hog” of their targets’ assets.

Investment fraud as a category, of which pork butchery is a subset, will cost victims approximately $3 billion by 2022, making it the leading cybercrime loss leader, surpassing business email compromise (BEC) and even ransomware, according to a new analysis from Cofense of the latest FBI Internet Crime Report (IC3).

In it, Cofense researcher Ronnie Tokazowski said that Cofense observed a 127% increase in cases of pig slaughter in 2022, even though the latest IC3 does not specifically pose a threat.

The FBI has cited hog slaughter as a scam in several public alerts, news outlets have reported a massive increase, and to see it disappear is shocking,” Tokazowski said, noting that an alert was issued in New Mexico to warn residents about the increase in pig slaughter scams last holiday season last December.

“I’ve talked to IC3 in the past, and this [oversight] may be a result of how metrics and data are collected,” Tokazowski explained about his findings. “I mean if victim to begin with [calls something] ‘crypto investment’ even though there may be a romance scam angle to it, it will ultimately be put in the ‘crypto investment’ bucket. Unfortunately, this single-bucket approach doesn’t tell the whole story, where victims are simultaneously part of different cybercrimes.”

Pandemic Loneliness Fueled Rise of Pig Butchering

Pork butchering began in Asia, where it got its name, but the pandemic has created an opportunity for threat groups to expand their operations in the US, Tokazowski explained.

“Based on reports from insiders tracking the scam, the actors have again used their techniques to start targeting those in the west,” he said. “Due to the increased isolation of the pandemic, it has left people alone and vulnerable at home, anxiously awaiting any love connection. Scammers have taken advantage of this and that is why we have seen such a sharp increase .”

Experts who spoke to Dark Reading about the rise investment scam pointed out that it was essentially a riff on the classic Ponzi scheme.

“The disgusting title scam is essentially a rebrand of a Ponzi/pyramid scam,” said Andrew Barratt, vice president of Coalfire. “Usually done with crypto, where more and more is taken until the mark/victim thinks they’re onto something and puts more and more into their assets in an apparently growing ‘investment,’ before the calls go cold and the money runs out.”

The rise of pork butchery is another example of how cybercriminals are leaning on social engineering to pull off their scams, said Mike Britton, Abnormal Security’s CISO, but it shows a shift in investment over time. for greater compensation.

“Threat actors have seen huge payouts as they move from high-volume/low-yield ‘spray and pray’ campaigns, to targeted, low-volume — but massively high-yield — attacks in social engineering,” Britton explained. “And with these incentives, they’re not slowing down anytime soon.”