Friday Phish Fry

Phishing Email Alerts

Catch of the Day: Pig Butchering

Examples of clever phish that made it past my spam filters and into my inbox. Some are sent by clients or readers like you, and other reliable sources on the Internet.

You can send phishing samples to me at

My intention is to provide a warning and show current examples of phishing scams, related articles, and education about how these scams and exploits work, and how to detect them in your inbox. If the pictures are too small or extend off the page, double clicking the image will display them in a photo viewer app.

There Is a New Trend in Social Engineering With a Disgusting Name; ‘Pig-butchering’

The technique began in the Chinese underworld, and it amounts to an unusually protracted form of social engineering. The analogy is with fattening up a pig, then butchering it for all it’s worth. In this case the analogy is a bit off, since the criminal doesn’t really fatten up the pig, not that much, anyway, but it works at least this far: they develop their marks slowly, and they get the marks to fatten up the fraudulent accounts they ultimately drain.

It begins with a cold call, without there necessarily being any other preparation. “Scammers cold-contact people on SMS texting or other social media, dating, and communication platforms,” Wired writes. “Often they’ll simply say ‘Hi’ or something like ‘Hey Josh, it was fun catching up last week!'”

And an act of common courtesy, telling the caller in effect they’ve got the wrong number, sets the social engineering in train. “If the recipient responds to say that the attacker has the wrong number, the scammer seizes the opportunity to strike up a conversation and guide the victim toward feeling like they’ve hit it off with a new friend. After establishing a rapport, the attacker will introduce the idea that they have been making a lot of money in cryptocurrency investing and suggest the target consider getting involved while they can.”

Like any classic confidence game, pig-butchering works by developing rapport with the victim. That rapport may be rooted in loneliness (a lot of pig-butchering begins with contact on dating sites) or it may be rooted in a desire for financial gain.

That second motive is often derided as “greed,” but that seems unfair–it’s as often as not a desire for financial security, and the criminals use the trust the victims develop for them over time to induce them to move funds into bogus financial services accounts that the criminals can eventually access, drain and close out.

“Next, the scammer gets the target set up with a malicious app or web platform that appears trustworthy and may even impersonate the platforms of legitimate financial institutions,” Wired explains. “Once inside the portal, victims can often see curated real-time market data meant to show the potential of the investment. And once the target funds their ‘investment account,’ they can start watching their balance ‘grow.’

“Crafting the malicious financial platforms to look legitimate and refined is a hallmark of pig butchering scams, as are other touches that add verisimilitude, like letting victims do a video call with their new ‘friend’ or allowing them to withdraw a little bit of money from the platform to reassure them. The latter is a tactic that scammers also use in traditional Ponzi schemes.”

[CONTINUED] at the KnowBe4 blog:




About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.