Pig Butchering & Investment Scams: The $3B Cybercrime Threat Overtaking BEC

A novel take on investment scams mixes romance and the lure of crypto riches to con targets out of "the whole hog" of their assets.

Piggy bank with heart
Source: Claudine Weber-Hilty via Alamy Stock Photo

Pig butchering is a repulsively named, rising investment scam that uses a potent mix of the promise of romance and the lure of making easy cryptocurrency millions against its unsuspecting targets.

Through a careful process of "fattening up" victims with small returns on cryptocurrency deals and personal interactions, often with a romance element, all of which is meant to convince them to invest wildly. If successful, as they often are, threat actors are able to make off with the "whole hog" of their targets' assets.

Investment fraud as a category, of which pig butchering is a subset, cost victims about $3 billion in 2022, making it the top cybercrime loss leader, overtaking business email compromise (BEC) and even ransomware, according to a new analysis from Cofense of the latest FBI Internet Crime Report (IC3).

Within that, Cofense researcher Ronnie Tokazowski says that Cofense observed a 127% rise in pig butchering cases in 2022, though the latest IC3 doesn't specifically break out the threat. 

"FBI has mentioned pig butchering as a scam in several public alerts, news outlets have reported a massive increase, and seeing this missing is very surprising," Tokazowski says, noting that one alert was issued in New Mexico to warn residents about the rise of pig butchering scams during last December's holiday season.

"I have spoken with IC3 in the past, and this [oversight] may be a result of how metrics and data are collected," Tokazowski explains about his findings. "What I mean by that is if a victim initially [calls something] 'crypto investment' even though there may be a romance scam angle to it, this would ultimately be put in the 'crypto investment' bucket. Unfortunately, this single-bucket approach doesn’t tell the whole story, where victims are simultaneously part of different cybercrimes."

Pandemic Loneliness Fueled Rise of Pig Butchering

Pig butchering started in Asia, where it got its name, but the pandemic created an opportunity for threat groups to expand their operations into the US, Tokazowski explains.

"Based on reports from insiders tracking the scam, actors retooled their approaches to start targeting those in the west," he says. "Due to the increased isolation of the pandemic, this left people alone and vulnerable at home, anxiously awaiting any love connection. Scammers capitalized on this and is why we saw such a steep rise."

Experts who spoke to Dark Reading about the rising investment scam pointed out that it's essentially a riff on the classic Ponzi scheme.

"The abhorrently titled scam is essentially a rebrand of a Ponzi/pyramid scam," says Andrew Barratt, vice president of Coalfire. "Often executed using crypto, where more and more is taken until the mark/victim essentially thinks they’re onto a sure thing and puts more and more of their assets into an apparently growing 'investment,' before the calls go cold and the money is gone."

The rise of pig butchering is yet another example of how cybercriminals are leaning into social engineering to pull off their scams, Mike Britton, Abnormal Security's CISO says, but it demonstrates a shift to more time investment for a bigger payoff.

"Threat actors have seen huge payouts in their shift from high volume/low yield 'spray and pray' campaigns, to targeted and low volume — but massively high yield — social engineering attacks," Britton explains. "And with these incentives, they won’t be slowing down anytime soon."

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights