New pig butchering scam looks to lure in victims with fake gold
No, you’re not investing in gold with your new, attractive, best friend
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Cybersecurity researchers from Sophos have a new cyber scam that looks to lure in victims with the promise of lucrative gold returns.
The two new “pig butchering” campaigns, which are elaborate fraud scams that can last for months, saw the attackersimpersonatea wealthy, attractive female on social media, and approach potential “pigs” (victims).
After some back-and-forth, the attackers would try and convince the victims to invest in a cryptocurrency platform, promising riches and wealth. The platform is actually fake and all of the “invested” money actually ends up on the accounts of the attackers.
Going after the whole hog
What makes these new campaigns stand out is that the crooks are looking to diversify their portfolio. Usually, they would try and steal people’s cryptocurrency, mostly because it’s easier to steal and harder for law enforcement to confiscate and return.
However, the crooks were now observed moving into precious metals, as well. Of the two campaigns, one is based in Hong Kong and involves a fake gold trading marketplace. The other one is based in Cambodia and involves stealing people’s cryptocurrency. Apparently, they managed to rake in $500,000 in just a month.
“Since the start of the pandemic, this type of cyberfraud has massively expanded,” commented Sophos’ Sean Gallagher, principal threat researcher.
Check out the best malware removal software right now>This hot new crypto release could actually just be a huge scam>Crypto scams are now a billion-dollar market
“These scammers are now targeting people on all major social media platforms or even direct message, and they’re not limiting themselves to just exploiting crypto but also gold and other forms of currency or trading value. They’re quite literally going after the whole hog.”
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
According to Gallagher, the attackers were “less polished” in terms of social engineering, meaning they weren’t as convincing as some other threat actors. Technically, however, they were more sophisticated, as they used an elaborate combination of “highly effectiveSEO”, polished scam landing pages, and a pirated version of a legitimate trading app with additional malicious code.
They were also active in updating the scam infrastructure, to make sure they remain operational.
As usual, the best way to protect against these threats is to use common sense. If something’s too good to be true, it probably is. And when a beautiful woman approaches you on LinkedIn with an investment opportunity, be very, very sceptical.
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
Cisco issues patch to fix serious flaw allowing possible industrial systems takeover
Washington state court systems taken offline following cyberattack
Google TV will require more RAM for future upgrades – which might leave older TVs and streaming boxes behind
