Don’t fall for this pig butchering scam

Posted on by

A friend of mine recently fell victim to what is now called pig butchering. Jane, as I will call her, lives in St. Louis. She is a well-educated woman with multiple degrees and decades of management experience. But Jane is also out more than $30,000 and has had her life upended as a result of this experience, having to change bank accounts, email addresses and obtain a new phone number..

The term refers to a complex cybercrime operation that has at its heart the ability to control the victim and compel them to withdraw cash from their bank account and send it via bitcoin to the scammer. The reason why this scam works is because the victim is taking money from their account. The various fraud laws don’t cover you making this mistake. I will explain the details in a moment.

Many of us are familiar with the typical ransomware attacks, where the criminals receive the funds directly from their victims: these transactions might be anonymous but they are reversible. So let’s back up for a moment and track Jane’s actions leading up to the scam.

In Jane’s situation, the attack began when her computer received a warning message that it had been hacked and for her to call this phone number to disinfect it. Somehow, this malware was transmitted, typically via a phishing email. This is the weak point of the scam. Every day I get suspicious emails — most are caught by the spam filters, but occasionally things break through. As I was helping Jane get her life back on track, my inbox was flooded with email confirmations of an upcoming stay at a hotel. At one point, I think I had a dozen such “confirmations.” Perhaps the guest made a legitimate mistake and used my email address — but more likely, as these emails piled up, this was an attempted phishing scam. 

Anyway, back to Jane. She called the number and the attacker proceeded to convince her that she was the victim of a scammer — which ironically was true at the time, and probably the first and last thing he said that was true. Her computer was infected with all sorts of child porn, and she could be legally liable. She believed the scammer, and over the course of several hours, stayed on the phone with him as she got in her car, drove to her bank and withdrew her cash.

Now, in the cold light of a different day, Jane understands her mistake. “I was a lawyer. I should have recognized this was all a fabrication,” she told me, rather abashedly. “I should have known better but I was caught up in the high emotional drama at that moment and wasn’t thinking clearly.” Eventually, her attacker directed her to a bitcoin “ATM” where she could feed in her $100 bills and turn it into electrons of cybercurrency. Her attacker had thoughtfully sent her a QR code that contained his address. Think about that — she is standing in a convenience store, feeding $100 bills into this machine. That takes time. That takes determination. 

Jane is computer literate, but doesn’t bank online. She manages her investments the old-fashioned way: by calling her advisors or visiting them in person. She has a cellphone and a computer, and while I was helping her get her digital life back in order we were remembering where we were when we first used email many decades ago and how new and shiny it was before scammers roamed the interwebs.

So how did the scam unravel? After spending all afternoon on the phone, the scammer got greedy and wanted more fat on the pig, so to speak. She called him back on her special hotline number and he asked her to withdraw more money from her bank account. She went back to her bank, and fortunately got the same teller that she had the day before. He questioned her withdrawal and that brought the butcher shop operation to a halt when she revealed that she was being directed by the scammer.  

But now comes the aftermath, the digital cleanup in Aisle 7. And that will take time, and effort on Jane’s part to ensure that she has appropriate security and that her contact info is sent to the right places and people. But she is still out the funds. She knows now not to get caught up in the moment just because an email or a popup message tells her something. 

Avoiding pig butchering scams means paying attention when you are reading your email and texts. Don’t multitask, focus on each individual message. And when in doubt, just delete. 

6 thoughts on “Don’t fall for this pig butchering scam

  1. I heard from one reader, who is a cyber expert.

    My wife has her own laptop PC and is an AOL mail user. She routinely has 250 new emails a day since she never opts out. About 60 days ago she got a shocking display on her laptop that her computer was compromised with obscene pictures and a notification that all of her data was in the public domain. There was a number to call to “fix the problems” that was a “Microsoft Partner.” She called the number.

    The person on the other end of the phone had an accent that made him a little difficult to understand but my wife was kind of frantic since her computer seemed to be locked and compromised. The person on the phone said he thought it would cost about $250 to fix her computer (she could put that money on her credit card) but he said that getting rid of the infection might require additional work and she might consider using a specific consultant on a time and materials basis (approximately $200 per hour) to assure all issues would be resolved.

    While on the phone, she yelled out to me (lucky I was home at the time) and I looked at her computer. I immediately turned off her computer and listened to the person on the phone and questioned his credentials. The fellow was well coached on how to answer the questions but I realized that this must be a scam and hung up the phone. I rebooted the computer and found the software that had been downloaded to my wife’s computer. I deleted it and ran several scans and all returned to normal.

    Had I not been home at the time, my wife would have fallen victim to this scam. I told my wife that she was not alone and that she had done the right thing but predators were everywhere.

    Reply

  2. Doesn’t the cashier at the convenience store stop her or at least have a conversation with her?
    That might have helped her..
    .stop and think…and avoid shafting money in the machine at that wee hours

    Reply

  3. Another variation is a call from “law enforcement” or the “FBI” that want your help in catching a scammer. So easy to get sucked in.

    Reply

  4. Great story. It’s hard to believe that an intelligent, informed person could fall prey to a scammer, but it happens. Thanks for the reminder.

    Reply

  5. “when in doubt, just delete.”

    Words to live by. Or at least to make into a tee-shirt. I don’t miss this work. Same old…

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.