This guest blog was contributed by Chris Lehman, CEO, SafeGuard Cyber
During “romance week” and Valentine's Day, your heart can be stolen in the blink of an eye, and so can your money. The FBI has warned of “romance” scams, centering the bulletin around the celebration of love, which demonstrates that it’s not just a box of chocolates that’s seducing people, it’s scammers and cyber criminals. Staggering new data from the FTC shows that last year, nearly 70,000 people reported a romance scam, and reported losses hit $1.3 billion. The median reported loss was $4,400.
Romance scams are a variation of what’s called “pig butchering,” a type of social engineering attack that alludes to the practice of fattening up a hog before slaughtering it. The approach combines some time-tested elements of fraud, such as gaining trust, and relies on the effectiveness of relationships nurtured on social media and the ease with which currencies can be moved electronically. In simpler terms, scammers are posing as lovers, gaining the trust of their fake beau, and then asking them for money for gifts, procedures, plane tickets, you name it.
SafeGuard Cyber believes these so-called “romance” or “pig butchering” scams point to these main areas of concern for enterprises:
Blurred Lines: The blurred lines between personal use and business use of devices put companies at risk when it comes to romance scams. Employees often conduct business on personal devices, which can put the enterprise at risk. Cyber criminals know this, so they will target employees during business hours, distract them, and gain entry to the enterprise through the employee’s personal device that has access to their employer's information. Attackers can make an even bigger score if they seduce an employee long enough to get in and deploy ransomware.
Similar Tactics: These schemes frequently target individuals over WhatsApp, and typically involve AI-generated profile photos of beautiful women in exotic locales. Attackers claim to have unique knowledge around things like gold prices or cryptocurrency. From a business communication perspective, while pig butchering schemes target individuals for profit, cybercriminals and nation states use similar tactics to honeypot key employees with privileged access, often starting in social media apps like Instagram or Facebook.
Bigger Reel, Bigger Fish: Organized cybercrime groups that leverage “romance” or “pig butchering” scams bring unprecedented levels of scale to cybercrime and social engineering attacks. The size and scope of their operations is staggering, including gray economies that support these illicit operations with ready-made supplies like stock photo bundles, social profiles, and operational playbooks. The bigger the size and scope, the bigger the fish they can go after, in this case not just a single person but their employer as well.
Lowering the Barrier, Heightening the Risk: The commodification of social engineering techniques and tactics will result in lower barriers to entry for criminal groups of all sizes, from large syndicates to local street gangs. New Phishing as a Service (PhaaS) kits make high-volume phishing (in this case love interest phishing) accessible and easy to execute.
Report It: Out of fear or shame, most romance or pig butchering victims do not report their losses to the authorities or to their employers. Compromised individuals in “romance” or “pig butchering” scams can not only lose a lot of money personally, but can put their organizations at great financial risk if the crime happened during business hours and on a device that has access to business information.
The depth and breadth of these operations is devastating and heartbreaking, and the scale of the operation as a whole is astonishing. There is a great human cost to these social engineering scams that come in the form of “romance” or “pig butchering”. Let’s focus on these concerns and raise awareness so that we can protect people and the companies they work for from malicious cyber criminals.