ChooseFI Episode 515 Summary: Cyber Security Update – Social Engineering & Pig Butchering

Release Date: October 11, 2024
Hosts: Brad (ChooseFI) and Tom (Former FBI Special Agent, Cryptocurrency Investigator at Binance)

Introduction

In Episode 515 of ChooseFI, host Brad welcomes back Tom, a former FBI special agent now working in cryptocurrency investigations for Binance. Building on their previous discussion from Episode 397, the episode delves into the evolving landscape of cybersecurity threats, specifically focusing on social engineering tactics and a prevalent scam known as "pig butchering."

Understanding Pig Butchering

Pig butchering is a sophisticated investment scam where perpetrators "fatten up" their victims by building trust and developing relationships before extorting large sums of money. Tom explains:

"[...] pig butchering, it's obviously not a great term or an affectionate term when you start talking about like scamming people, but that's what it's just been called. [...] scammers are building up trust, they're developing relationships with people online, quote unquote, fattening them up, and then they will fleece them of their money."
— Tom [02:32]

Key Characteristics:

• Relationship Building: Scammers engage victims through unsolicited messages, dating apps, or social media, creating a facade of friendship or romance.
• Promise of High Returns: Victims are enticed with unrealistic investment opportunities promising exorbitant returns (e.g., 50% or 100x returns).
• Target Demographics: While often associated with elder fraud, the scam also heavily targets individuals aged 18-49, including those active in the crypto community.

How the Pig Butchering Scam Operates

Initial Contact:

• Unsolicited Messages: Victims receive random texts or messages, often impersonating someone they might know or a celebrity (e.g., fake George Clooney profiles).
• Social Engineering: Scammers exploit platforms like dating apps, LinkedIn, and even real estate leads to initiate contact.

"Another really common one is if you have liked say a certain actor on social media. Well, they see your profile as liking, I don't know, George Clooney, right. So George Clooney. They will then make a fake George Clooney profile and then Specifically message you."
— Tom [09:35]

Building Trust:

• Consistent Interaction: Daily scripted conversations that foster a sense of intimacy and trust.
• Isolation: Scammers encourage victims to isolate themselves from friends and family to prevent exposure of the scam.

Escalation to Financial Loss:

• Investment Platforms: Direct victims to lookalike investment websites where their funds are ostensibly "growing" but are actually siphoned off.
• Final Straw: Often, scammers request additional funds for processing fees or to unlock supposed higher returns, leading to significant financial losses.

"The key is using only reputable companies and not sending money to people online that have just sent you a link or a unsolicited text message or anything like that."
— Tom [17:50]

Impact and Statistics

Tom reveals the staggering scope of these scams:

• Daily Victims: Approximately 57,000 Americans are scammed every day.
• Financial Impact: The pig butchering scam alone constitutes a $3 trillion industry, with individual scam operations raking in about $50 billion annually.
• Personal Stories: Tom shares heartbreaking instances, such as individuals losing upwards of $700,000, and even taking extreme measures like securing second mortgages to fund the scam.

"I've had people take out second mortgages, home equity, lines of credits, do all kinds of stuff to generate more funds to send to these scammers."
— Tom [10:30]

Protecting Yourself

Preventative Measures:

• Avoid Unsolicited Communications: Delete unexpected texts or emails without engaging.
• Verify Sources: Always check the legitimacy of the sender by directly accessing official websites rather than clicking on provided links.
• Skeptical of High Returns: Be wary of any investment promising guaranteed returns above 14%, as suggested by Brad.

"If something is earning guaranteed, quote unquote, like 10% or more in a year, you got to. Your spidey sense needs to come up of like, okay, there might be more risk here than I otherwise anticipate."
— Brad [05:31]

Educate and Inform:

• Community Awareness: Tom emphasizes the importance of spreading awareness within personal networks to protect vulnerable individuals.
• Code Phrases: Implementing code words with family members can serve as a verification method against impersonation scams.

"If you bring this up in conversation, I'm like, if you bring this up in conversation, I will come to you anywhere, anytime, any place in the world immediately like this. I know this is like Code Red, and I know also that it's you, frankly."
— Tom [34:06]

Action Steps if Victimized

Immediate Actions:

• Report to Authorities: Contact local police, FBI, Secret Service, or IRS immediately. Utilize platforms like IC3.gov (Internet Crime Complaint Center) for official reporting.
• Avoid Recovery Scams: Steer clear of unsolicited recovery services that demand upfront fees, as many are fraudulent.

"If you are a victim of this, contact the police immediately. Contact your local police. [...] The key is report it as soon as possible."
— Tom [28:00]

Law Enforcement Collaboration:

• Potential for Restitution: Quick action may allow law enforcement to seize and recover funds before scammers can hide or convert them.
• Beware of Impersonators: Scammers might pose as recovery experts post-scam, attempting to extract more funds from victims.

Evolving Threats: AI and Voice Spoofing

The integration of Artificial Intelligence into scams introduces new challenges, such as voice spoofing, which allows scammers to convincingly mimic trusted individuals.

"Jeremy Schneider ... puts out those amazing infographics. [...] Jeremy Schneider put up is in this day and age of people being able to spoof your voice."
— Brad [31:29]

Mitigation Strategies:

• Code Phrases: As previously mentioned, having predetermined code phrases with family members can help verify authenticity.
• Vigilance: Always verify through multiple channels before taking any financial actions based on unsolicited communications.

"The lesson there is exactly what you do is take whatever information, if you're getting an email or a text or anything [...] Log into my app or the website the way I always do and verify that."
— Tom [25:18]

Conclusion

Episode 515 of ChooseFI serves as a crucial reminder of the ever-evolving threats in the cybersecurity landscape, particularly within investment scams like pig butchering. Through Tom's expert insights and real-world examples, listeners gain a comprehensive understanding of how these scams operate, their devastating impact, and actionable steps to protect themselves and their loved ones. Emphasizing education, vigilance, and immediate action, the episode underscores the importance of community awareness in combating financial fraud.

Notable Quotes:

• "The pig butchering scam is becoming a $3 trillion industry."
  — Tom [06:44]

• "Any investment promising guaranteed returns above 14% should raise red flags."
  — Brad [05:31]

• "If you ever receive a link from Brad, do not click it because Brad did not send you that link."
  — Tom [17:50]

For further information and resources discussed in this episode, listeners are encouraged to subscribe to the ChooseFI newsletter and join local groups for ongoing support and education.