“They were investing a lot of time into this — three months of constant messages — and had some interesting techniques — the e-signed contract [tied to a Gmail address] — that I thought would make a good story to share,” Williams told CSO.
Pig-butchering dissected
Ashley Jess, Intel 471’s senior intelligence analyst, said the mechanism of the fraud documented by Williams is typical of pig-butchering scams.
“Threat actors frequently initiate contact on legitimate, trusted platforms — for example, LinkedIn job posts or recruiter outreach — because those venues lower a victim’s guard,” Jess explained. “Once rapport is established, the conversation is moved to private channels — WhatsApp, Telegram, DM — and then eventually to sham trading or investment sites where the victim is encouraged to deposit funds, though they may begin on a legitimate platform, such as in this example, before moving to an illegitimate one.”
