A prominent virtual currency investment scam, with the demeaning label “pig butchering,” is creating significant financial and emotional harm for countless victims around the world – criminals defrauded victims of more than $2 billion USD in 2022.
Known as financial grooming or relationship-investment fraud, the scam is socially engineered and based on trust-enablement – bad actors develop relationships and build trust with their victims, convincing them to invest money before defrauding them of everything. Largely perpetrated within Southeast Asia, criminal organizations coerce victims of human trafficking to carry out the scheme.
Anatomy of the Scam
Bad actors typically establish contact with victims via dating apps or social media. The criminal takes their time to build a relationship with the victim, posing as a successful investor. Once trust is established, the criminal inevitably introduces the idea of virtual currency investments, promising lucrative returns. The scammers use fake websites and apps to falsify investment returns leading their victim to believe the investments are legitimate. Ultimately, when they have successfully defrauded their victims, the fraudster will cease all contact.
Fraudsters are ruthless – targeting victims for all they’re worth. The devastation of financial loss is compounded with shame and extreme psychological toll.
FinCEN’s Red Flags to Alert Financial Institutions
FinCEN has worked with law enforcement to identify financial red flags that can assist financial institutions to detect, prevent, and report suspicious activity related to financial grooming or relationship-investment fraud. Red flag indicators include, but are not limited to:
Behavioral Red Flags
- A customer with no history or background of using, exchanging, or otherwise interacting with virtual currency attempts to exchange a high amount of fiat currency from an existing or newly opened bank account for virtual currency or attempts to initiate high-value transfers to VASPs.
- A customer mentions that they were instructed by an individual who recently contacted them to exchange fiat currency for virtual currency at a virtual currency kiosk and deposit the virtual currency at an address supplied by the individual.
- A customer appears distressed or anxious to access funds to meet demands or the timeline of a virtual currency investment opportunity.
Financial Red Flags
- A customer uncharacteristically liquidates savings accounts prior to maturation and then subsequently attempts to wire the liquidated fiat currency to a VASP or to exchange them for virtual currency.
- A customer takes out a HELOC, home equity loan, or second mortgage and uses the proceeds to purchase virtual currency or wires the proceeds to a VASP for the purchase of virtual currency.
- Accounts with large balances that have limited activity begin to show constant, uncharacteristic, sudden, abnormally frequent, or significant withdrawals of large amounts of money being transferred to a VASP or being exchanged for virtual currency.
Technical Red Flags
- System monitoring and logs show that a customer’s account is accessed repeatedly by unique IP addresses, device IDs, or geographies inconsistent with prior access patterns. Additionally, logins to a customer’s online account at a VASP come from a variety of different device IDs and names inconsistent with the customer’s typical logins.
- A customer mentions that they are transacting to invest in virtual currency using a service that has a website or application with poor spelling or grammatical structure, dubious customer testimonials, or a generally amateurish site design.
- A customer receives a large amount of virtual currency such as ether at an exchange, subsequently converts the amount to a virtual currency with lower transaction fees such as TRX, and then abruptly sends it out of the exchange.
Financial institutions are integral to identifying criminal patterns and emerging fraud typologies and protecting their customers from fraudulent activity. By knowing the red flags associated with relationship investment fraud financial institutions can be instrumental in stopping payments to high-risk payees and prevent their customers from becoming victims.
A Consortium Approach to Fraud Detection
Verafin combines behavioral analytic techniques with insights from our Consortium Analytics to detect and disrupt payments fraud. This approach leverages our consortium of over 2400 financial institutions to provide a complete picture of risk — without sharing Personally Identifiable Information (PII). Consortium analytics combine cross-institutional data to reduce false positives by identifying low risk accounts, and alerts to higher-risk payments when an account is unknown to the network. With over 575 million counterparty profiles, our approach helps financial institutions ensure transfers are destined to a beneficiary with a history of legitimate activity.
With consortium data and analytics and awareness of the red flag indicators of financial grooming or relationship-investment fraud, institutions can protect customers from heinous criminals and prevent the pain and loss caused by this prevalent fraud scheme.