Internet scams are changing tactics
Western analysts have uncovered a new modus operandi for cybercriminals. Now, online fraud cycles are increasingly becoming shorter and more effective. Yury Zhdanov, Head of the International Bureau of Investigation, Professor, Juris Doctor, Honoured Lawyer of Russia, Lieutenant General of the Ministry of Internal Affairs, spoke about the new cybercrime schemes.
– Yuriy Nikolaevich, have cybercriminals used any new, hitherto unknown technologies?
– No, they have changed tactics. This was reported by specialists from Chainalysis, an analytics company that provides government agencies and law enforcement agencies with tools to track blockchain transactions and helps cryptocurrency exchanges identify malicious wallets. Experts say fraudsters are moving away from static infrastructure and drawn-out schemes in favor of more modern campaigns that use disposable assets.
– What prompted them to do so?
– In short, it is the active opposition of law enforcement agencies. Long-term online fraud is unsafe for crooks, so their operations over the past four years have become much shorter, smaller, simpler, faster. This is despite the fact that their prolonged criminal campaigns can generate higher revenues in the long run.
– Can you elaborate on that?
– There are conclusions from the report on cybercrime for the middle of the year, published by Chainalysis. They show that fraudsters are now updating their online and blockchain-based infrastructures faster than ever before. For example, a huge portion of all fraud revenue tracked by Chainalysis on the blockchain (43%) was sent to wallets that have only become active in the last year — which, according to the company, indicates an upsurge in new fraudulent operations.
This is significantly more than in any other observed year – the previous maximum was 29.9% in 2022 – and it coincides with what Chainalysis described as concerted effort by criminals to dramatically reduce the time they spend on one spam campaign before moving on to another: «Between 2020 and 2024, the average number of days during which frauds were active, has significantly increased, starting with 271 days for scams that started in 2020 and ending with 42 days so far for scams that started in 2024.»
Eriĸ Jardin, head of the Chainalysis Cybercrime Study, said that this trend has coincided with a parallel shift: the online infrastructure used for fraud, such as social media characters, social engineering sites and decoys, is discarded and replaced more quickly, as schemes lasting months or years aimed at a wide audience give way to smaller, more targeted actions.
Jardine explains the logic of crooks this way. «There is no reason, – he notes, – «to dispose of network infrastructure unless you are concerned that it will be tagged, tracked and affected, for example, your ability to cash out, or that it can be traced back to a real person, which will then lead to arrests.»
This, if we talk about the system of exposing criminals and how to hide from these revelations, is not to fuss under the client, as recommended in Odessa. Agree, it is logical.
But there is another reason for the transition to new tactics. According to Western experts, such a scheme is probably more profitable and less risky for cybercriminals in the long term. Yes, large pyramid-like structures may offer a large theoretical payout at the end, but they are associated with high risks: «A lot of income, a really high probability of failure, a really high probability of getting caught and a really low probability of being able to convert the money into fiat currency and get away with it.»
– Fiat? What kind of currency is this?
– Let me remind you that fiat currencies are money not backed by anything: gold, silver or any other valuable commodity. Their value is determined by the government that issued the currency, not by their real value.
Therefore, conducting small and quick transactions using disposable infrastructure allows ĸ cybercriminals to more easily launder the stolen cryptocurrency into fiat dollars and evade law enforcement by moving on quickly.
– So, the victims and the very strategy of «gutting» them have remained the same, only the time spent on the crime was decreased?
– Yes. But at the same time, the number of crimes did not decrease, but only increased, which also increased the number of their victims. By the way, about ‘gutting’ the victim. Fraudsters cynically call one of their tactics Pig Butchering.
– I don’t catch the association…
– There is a direct reference to the practice of increased fattening of pigs on the eve of slaughter. In other words, fraudsters accelerate the maximum amount of trust with their victims (fatten them up) as much as possible before requesting a large sum of money from them.
Even the FBI warned of the growing prevalence of the notorious «pig slaughter,» noting that the bureau received more than 12,000 complaints from victims during the 2022 holiday season, resulting in a loss of more than $73 million. Eric Jardine attributes the change in fraudsters’ behavior to improved attribution of online infrastructure and network services, which increases the time that fraudsters can operate before they are detected. This has led to a reduction in long-term fraudulent transactions.
– Have fraudsters developed, so to speak, any preferences in the range of crimes?
– Chainalysis is now noticing a surge in social media transactions in the field of romantic relationships. But that is nothing new. Adepts of «pig slaughter» precisely specialise in fake investments and romantic relationships on the Internet.
– What is the scheme of this fraud?
– As experts explain, it all starts with some random message in a messenger, social network or SMS. The scammer either pretends to have sent the message to the wrong recipient, or refers to some distant mutual acquaintances, about whom it is easy to find out from the profile on the social network. If the victim replies to the scammer, saying that you have the wrong number, the scammer politely apologises and tries to start a non-binding conversation. Message after message, the victim and the scammer develop an ongoing relationship.
Scammers, being excellent psychologists and manipulators, specially select victims in such a way as to increase the chances of such a promising «accidental» acquaintance. That is, they are looking for well-off, but lonely and vulnerable people who may not mind at all to start communication with a friendly stranger. The goal of the scammer is to build at least a friendly relationship with the victim and ideally a romantic connection.
The scammer gains the victim’s trust and lulls his vigilance. However, sooner or later, the crook somehow directs the conversation to financial topics. The bottom line is that the scammer carefully provides the victim with the opportunity to invest money profitably.
– Is it possible?
– Of course not. A very convincing and even somewhat beautiful illusion is created. For example, classic instruments such as stocks, bonds, futures and options can be offered. But lately, this has most often been associated with some «promising» cryptocurrency projects. The overall complexity and opacity of the topic, together with the ease of funds movement, make crypto an ideal environment for such fraud.
– It’s tempting. But at this stage, an intelligent person might get alarmed and suspect something amiss…
– But the fraudster is quick to reassure this «smart» person: there is no need to transfer any money to him personally or to anyone connected with him. The «client» just needs to create an account on the trading platform and try to deposit some money there to see how it works.
– Does it work?
– It sure does! An important detail of the Pig Butchering scheme is that at all its stages, the fraudster is careful to maintain the victim’s illusion of control.
The victim creates an account on the trading platform on his own and can independently choose what to trade there.
The scammer only gives unobtrusive advice, helping to make everything faster and easier – and, of course, as profitable as possible. The trading advice given by the scammer turns out to be successful – who would doubt (everything is under control).
The victim quickly receives the first profit on the trading platform, gets excited and begins to deposit more and more money to earn even more.
But when a sufficient amount is accumulated on the account or the victim tries to withdraw money from the platform, it turns out that the trading platform was fake, and all the incredible profits it received were fake too. And the real money, of course, has long disappeared in an unknown direction and the fraudster stopped communicating with the victim and deleted the accounts used for the «divorce». In essence, it is a virtual «thimble».
Often the amounts stolen by fraudsters reach tens or even hundreds of thousands of dollars, or even millions.
– How not to get caught in such a «slaughter»?
– You should be cautious about casual online acquaintances, even if the person has been communicating with you for a long time and does not seem to be a deceiver. You should not recklessly invest in incomprehensible investment schemes, even if you are shown their allegedly high profitability. Remember? Greed is a fool’s greed.
This is especially true of cryptocurrency — due to the specific nature of this sphere, the number of fraudsters in it is very high. And all transactions in the blockchain are irreversible and are not insured by anyone.
Author: Andrey Yashlavsky
