This week, the United States Department of Justice (DOJ) announced the seizure of seven domain names that cybercriminals used to carry out a cryptocurrency scam. The scam in question is known as a “pig butchering” scheme, as the scammers metaphorically led their victims to the slaughter. In these sorts of schemes, the scammers meet their victims online, then slowly build up trust over time by developing phony relationships. Once the scammers determine that their victims are sufficiently trusting of them, the scammers begin to introduce the idea of taking some sort of action. In this case, the scammers persuaded their victims to make business investments in cryptocurrency.
Similar to phishing campaigns, the scammers purchased domain names that could be mistaken for the domain name of a legitimate website. The seven spoofed domains used by the scammers resembled the domain of the Singapore International Monetary Exchange. The scammers then set up fraudulent cryptocurrency investment platforms located at these domains.
Once their victims showed sufficient interest in investing in cryptocurrency, the scammers directed the victims to these fraudulent websites. Since the victims had come to trust the scammers, the victims were likely less scrutinizing of the domain names and websites than they might have been had they simply received messages out of the blue directing them to these websites. The scammers abused this trust to convince the victims that they had the…
