Pig Butchering scam are evolving very fast
Introducing scripts into the pig butchering scam: The case of a Taiwanese dummy hacker in Hong Kong
Despite the high level of communication and relationship building that goes into carrying off pig butchering scam, criminals in China are able to expand their work to victims of human traffickers, thanks to the use of script and playbooks.
The first scam Gallagher studied began with a Twitter DM that simply said “Hallo.” He didn’t respond until almost a month later, but once he responded with “Hello, sorry it has taken me so long to respond” the swindle was off and running. The attacker persona claimed to be a 40-year-old woman in Hong Kong, and the two began chatting.
Though the swindle has some new twists, you can still see where it’s going. Once the victim has deposited all the money they have and everything the scammers can get them to borrow, the attackers shut down the account and disappear.
The Sophos Project: Pig Butchering for the Whole Hog: A Gameplay between Social Engineering and the Technical Side of the P.A.D. Scenario
Sean Gallagher, a senior threat researcher at the security firm Sophos, has been researching pig butchering for the last three years and claims that it is going for the whole hog. They go after people who are vulnerable. Some of the victims are people who have long-term health problems and feel isolated. They want to get every last bit of oink, and they are persistent.”
The senior threat researcher at Sophos followed two scam campaigns that had targeted him on personal accounts and devices. Beginning in October, he engaged with the scammers on Twitter DM and SMS text messaging to see where the rabbit hole would take him.
“What was interesting was that, when I played them out, one was more ingenious on the technical side, and the other was more advanced on the social engineering side, but both seem to be having success,” he says. It’s a huge game of Whac-A-Mole trying to deal with this.
He told the persona that he is a researcher in the cybersecurity field. “So you’re a cop?” the persona replied. When Gallagher said he wasn’t, the conversation moved on. Do you know what the spot market is for gold? The person asked, what are you doing? “The London gold spot market is a reliable platform. I’m using this to make money.
The interactions, known as “social engineering,” were relatively weak for a pig butchering scam, Gallagher says. Even when the person was sending photos, the timing was always awkward and abrupt. At one point Gallagher told the actor that it was suspicious to bring up gold investments so early after first starting to talk to someone. “Haha, yes. The persona said that he needed to let you know what he was doing.