New pig butchering scam looks to lure in victims with fake gold

Fraud
Image Credit: Shutterstock (Image credit: Gustavo Frazao / Shutterstock)

Cybersecurity researchers from Sophos have a new cyber scam that looks to lure in victims with the promise of lucrative gold returns.

The two new "pig butchering" campaigns, which are elaborate fraud scams that can last for months, saw the attackers impersonate a wealthy, attractive female on social media, and approach potential “pigs” (victims). 

After some back-and-forth, the attackers would try and convince the victims to invest in a cryptocurrency platform, promising riches and wealth. The platform is actually fake and all of the “invested” money actually ends up on the accounts of the attackers.

Going after the whole hog

What makes these new campaigns stand out is that the crooks are looking to diversify their portfolio. Usually, they would try and steal people’s cryptocurrency, mostly because it’s easier to steal and harder for law enforcement to confiscate and return. 

However, the crooks were now observed moving into precious metals, as well. Of the two campaigns, one is based in Hong Kong and involves a fake gold trading marketplace. The other one is based in Cambodia and involves stealing people’s cryptocurrency. Apparently, they managed to rake in $500,000 in just a month.

“Since the start of the pandemic, this type of cyberfraud has massively expanded,” commented Sophos’ Sean Gallagher, principal threat researcher. 

“These scammers are now targeting people on all major social media platforms or even direct message, and they’re not limiting themselves to just exploiting crypto but also gold and other forms of currency or trading value. They’re quite literally going after the whole hog.”

According to Gallagher, the attackers were “less polished” in terms of social engineering, meaning they weren’t as convincing as some other threat actors. Technically, however, they were more sophisticated, as they used an elaborate combination of “highly effective SEO”, polished scam landing pages, and a pirated version of a legitimate trading app with additional malicious code.

They were also active in updating the scam infrastructure, to make sure they remain operational.

As usual, the best way to protect against these threats is to use common sense. If something’s too good to be true, it probably is. And when a beautiful woman approaches you on LinkedIn with an investment opportunity, be very, very sceptical. 

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Phishing
Hackers are abusing Zendesk to run brand impersonation scams
Representational image of a cybercriminal
Criminals are spreading malware disguised as DeepSeek AI
DeepSeek
Fake DeepSeek installers are infecting your device with dangerous malware
Smartphone with new logo X twitter app background. Application twitter old blue bird change X black and white new.
Phishing campaign targets prominent X users, accounts at risk
Shopping scams
New wave of sextortion scams uses personal details and images to intimidate targets while bypassing traditional security measures
Pirate skull cyber attack digital technology flag cyber on on computer CPU in background. Darknet and cybercrime banner cyberattack and espionage concept illustration.
Mac users targeted with new malware, so be on your guard
Latest in Security
Data leak
Top home hardware firm data leak could see millions of customers affected
Representational image depecting cybersecurity protection
Third-party security issues could be the biggest threat facing your business
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Latest in News
Hisense U8 series TV on wall in living room
Hisense announces 2025 mini-LED TV lineup, with screen sizes up to 100 inches – and a surprising smart TV switch
Nintendo Music teaser art
Nintendo Music expands its library with songs from Kirby and the Forgotten Land and Tetris
An image of Pro-Ject's Flatten it closed and opened
Pro-Ject’s new vinyl flattener will fix any warped LPs you inadvertently buy on Record Store Day
The iPhone 16 Pro on a grey background
iPhone 17 Pro tipped to get 8K video recording – but I want these 3 video features instead
EA Sports F1 25 promotional image featuring drivers Oscar Piastri, Carlos Sainz and Oliver Bearman.
F1 25 has been officially announced, with this year's entry marking a return for Braking Point and a 'significant overhaul' for My Team mode
Garmin clippd integration
Garmin's golf watches just got a big software integration upgrade to help you improve your game