FinCEN recently issued FIN-2023-Alert005 to alert financial institutions about a virtual currency investment scam referred to as “pig butchering”. This term comes from the fact that the scammers seek to “fatten up” their victims by gaining trust with the use of fake identities, elaborate storylines, and potential relationships; only to “butcher” or “slaughter” the victim by then stealing their assets which obviously results in financial and emotional harm. The “butchering” phase often involves convincing victims to invest in virtual currency, or over-the-counter foreign exchange schemes.
Scammers will often use text messages or social media to make initial contact with a victim. They often imply the connection was made by accident (wrong number, etc.). The scammer may claim to be an investor or money manager often showcasing a wealthy lifestyle on social media. Once a victim responds, the scammer begins to build trust, eventually introducing what the scammer portrays as a lucrative investment opportunity in virtual currency. The scammer may direct the victim to investment websites controlled by the scammer, ask to gain remote access to the victim’s devices, have them wire funds overseas, purchase prepaid cards, etc. Once a victim has bought virtual currency, the scammer directs them to “invest” the funds although, in actuality, the funds are funneled to virtual currency addresses and accounts controlled by the scammers.
FinCEN’s Alert includes a number of red flags that financial institutions should be on the lookout for to detect this type of fraud and cybercrime, two AML/CFT Priorities. Institutions filing SARs on related activity should reference the Alert in SAR field 2 and the narrative by noting “FIN-2023-PIGBUTCHERING”. “Fraud-Other” should be selected in Field 34(z) with the description “Pig Butchering”. Institutions should also provide information on other financial institutions involved. In addition to the apps used, the following information can be helpful as well: chat logs, phone numbers, the scammer’s social media username, suspicious email addresses, the type of virtual currency or digital assets involved; virtual currency/digital asset addresses and transaction hashes native to the blockchain(s) involved; and the URL, domain and IP addresses where the victim was to deposit funds. Institutions are also encouraged to refer victims to the FBI’s IC3: https://www.ic3.gov/ and may refer customers to the SEC’s tips, complaints, and referrals (TCR) system in order to report investment fraud: https://www.sec.gov/tcr. Elder victims may also be referred to the National Elder Fraud Hotline (833-FRAUD-11).
Published
2023/09/27
