One day, Khobby received a message about a well-paying online job opportunity in Southeast Asia. Immediately, he was hooked - good salary, an office job, and a paid-for relocation to Laos. Except…it was all a scam.
-
Khobby was invited to work in a well-paying job in Southeast Asia
-
The offer, however, turned out to be a scam known in the cybercrime world as “pig butchering”
A message from an acquaintance on Khobby’s phone said that his company “is hiring” and paying $1,200 per month to new employees.
“He told me it was data entry,” he says, according to Al Jazeera.
At first, Khobby didn’t think that the prospect might be suspicious. The company was paying for his flights, so he decided to just go for it - but upon landing in Laos, he started sensing something was very wrong.
New employers confiscated his Ghanaian passport and physically threatened Khobby - what followed were months of working inside a compound, which he could not leave.
“When I got there, I saw a lot of Africans in the office, with a lot of phones,” Khobby told Al Jazeera.
“Each person had 10 phones, 15 phones. That was when I realised this was a scamming job,” he said.
Khobby had to work long hours and sleep in a dormitory with five other African workers in the “Golden Triangle” region - an area in Southeast Asia primarily known for its past role in opium production.
He was involved in fraudulent schemes, such as enticing victims to invest in fake business portfolios, pay false tax bills, or even entangle them in online romance scams.
“Pig-butchering”
Khobby fell victim to one of a series of cyber-scam operations in Southeast Asia, which entice workers with a vague promise of well-paid jobs in online sales and the information technology industry.
According to researchers from Verizon, fake remote roles are among the top three observed social engineering patterns starting 2019:
“If it’s anything like ours, it’s chock full of messages ‘mistakenly’ sent to the wrong person, invoices for toll roads in other states or ‘remote jobs’ that are too good to be true.”
“In our opinion, the really interesting thing about these types of attacks is not simply the scale of them but also the amount of time attackers seem to be dedicating to building familiarity with the victims,” the report reads.
But what was Khobby actually involved in? His “data entry” job is in fact known in the industry as “pig-butchering” and involves cold-calling or connecting with a victim directly to establish a relationship until they make a first investment.
According to Khobby, there are small returns on these investments to “fatten the pigs” - this is how cybercriminals refer to building trust with their victims.
This process continues until a significant investment is made, and then the victims are “butchered,” meaning the scammers get away with all the profits. At this point, all communication is seized, and no digital trace is left behind.
Khobby is now back in Dubai - and says that he actually received the promised $1,200 monthly salary, as well as signed a six-month “contract” with the Chinese bosses in charge of the operation.
This complicates the victim identity process, as according to Eric Heintz, from the US-based anti-trafficking organisation International Justice Mission (IJM), the payment is often enough for some officials to not identify workers as victims.
Heintz added that workers are also occasionally sold between criminal organisations and moved to other countries.
“We have heard of people being moved from a compound in one country to one in another – for example from Myawaddy to the GTSEZ or Cambodia and vice versa,” he said.
Today, thousands of trafficked workers in Southeast Asia reportedly spend up to 17 hours a day working online to scam people out of their money.
Your email address will not be published. Required fields are markedmarked