Fraud schemes explained: Proxy Phantom, Pig Butchering, and Crypto Cashout
The battle against digital fraud intensifies every day. Among the countless threats that lurk on the internet, increasingly advanced fraud schemes and organized fraud rings loom large as risks to the trust and safety of businesses and consumers.
As cybercriminals continuously refine their tactics, businesses must remain proactive in bolstering their defenses to protect users from the dangers of fraud. In this blog, we delve into the world of fraud schemes and provide best practices for protecting users from these attacks.
What is Proxy Phantom?
In recent years, Sift discovered a sophisticated attack dubbed “Proxy Phantom,” a fraud ring that spanned across multiple large IP clusters within the Sift global network. Proxy Phantom was targeting e-commerce businesses around the world, unleashing waves of large-scale account takeover (ATO) attacks. Proxy Phantom leveraged a network of proxy servers to conceal the true source of their attacks, making it challenging for security teams to trace and block their malicious activities.
Sift developed an interactive visualization that provided crucial insights into the Proxy Phantom fraud ring’s operations. The visualization depicted the interconnected web of proxy servers used by the attackers, giving investigators a comprehensive view of the attack infrastructure. This valuable visualization allowed security experts to identify patterns, trace connections, and ultimately thwart the malicious campaign.
What is Pig Butchering?
“Pig Butchering” is a romance scam that preys on vulnerable individuals through dating apps, manipulating them to invest into a fake cryptocurrency exchange.
Pig Butchering begins with a scammer creating a fraudulent profile on a dating app, often using stolen photos to appear genuine. Once the scammer matches with a victim, they move the conversation to a private, encrypted messaging platform.
After building a sense of trust through emotional manipulation, the conversation takes a turn toward cryptocurrency investing. The scammer fabricates false profits on a phony platform, offering their victim the opportunity to invest.
Once the victim has invested a substantial amount of money, the scammer seizes the opportunity to vanish into thin air, cutting off all communication. The victim is left devastated, realizing they have fallen victim to an elaborate and heartless scam.
Listen to our Pig Butchering podcast with Jane Lee, Trust and Safety Architect at Sift, who went undercover to expose how these fraudsters were operating the scam.
What is Crypto Cashout?
“Crypto Cashout” is a fraud scheme that involves a partnership between two fraudsters to obtain stolen funds. The collaboration between fraudsters involves accessing compromised bank accounts, crypto wallets, and crypto exchange accounts to launder money, making it difficult for authorities to trace and recover.
A crypto cashout begins when Fraudster A obtains access to stolen funds; they take to private messaging apps like Telegram to solicit a partner to access bank and crypto accounts. Once a partnership is forged, Fraudster A sends the illicit funds into Fraudster B’s compromised bank account, then Fraudster B transfers the funds from the bank account to a stolen crypto exchange account or wallet.
Fraudster B can further obfuscate their tracks by withdrawing the stolen funds from the crypto exchange to an offline wallet, which is much more challenging for law enforcement to trace. Finally, the fraudsters divide the spoils, ensuring each participant gets a cut of the stolen funds.
How to prevent emerging fraud from impacting your business
Protecting users from fraud schemes like Proxy Phantom, Pig Butchering, and Crypto Cashout is essential for the integrity of online businesses. To proactively secure customer accounts, trust and safety teams need holistic risk assessment methods and an end-to-end solution to accurately surface and prevent fraud. Here are some best practices you can implement to protect your business and users against these attacks:
- User authentication: Implement multi-factor authentication (MFA) to prevent unauthorized access, reducing the risk of ATO attacks like Proxy Phantom and Crypto Cashout. Solutions like Sift Account Defense help teams instantly identify large-scale, bot-based account attacks with ease and confidence using a full suite of built-in MFA tools.
- Continuous monitoring: Advanced fraud detection systems can continuously monitor user activity and transactions for suspicious behavior. Early detection of anomalies can thwart romance scams like Pig Butchering before they move off-site. Sift Content Integrity, for example, helps businesses easily identify phishing scams and spammy text, investigate related content, and take bulk actions to maintain platform integrity.
- User education: Educate users about the potential risks and common fraud schemes associated with online interactions.
- Know Your Customer (KYC): Financial services should enforce robust verification and KYC procedures to verify user identities, which can help prevent money laundering attempts.
Employing advanced fraud detection technologies, educating users, and collaborating with cybersecurity experts form the pillars of a robust fraud prevention strategy. By embracing these measures and continuously improving their security practices, online businesses can effectively protect their users, maintain trust, and uphold the integrity of their digital platforms in the face of ever-evolving fraud threats.
See more fraud schemes on our Fraud Intelligence Center.
The post Fraud schemes explained: Proxy Phantom, Pig Butchering, and Crypto Cashout appeared first on Sift Blog.
*** This is a Security Bloggers Network syndicated blog from Sift Blog authored by Sift Trust and Safety Team. Read the original post at: https://blog.sift.com/fraud-schemes-explained-proxy-phantom-pig-butchering-and-crypto-cashout/?utm_source=rss&utm_medium=rss&utm_campaign=fraud-schemes-explained-proxy-phantom-pig-butchering-and-crypto-cashout
