When Kelly Mitchell, 56, had her Facebook account hacked by scammers, she didn’t realize that she had joined the group of nearly one million people who had been a part of ransomware attacks, phishing attacks, or data security breaches in the past year.
In what’s become a more common trend, cryptocurrency and its growth has also led to an industry of scam artists looking to infiltrate people’s lives on social media with the goal of walking away with someone else’s money. It means that people, like Mitchell, must be more careful when going online, experts say.
Mitchell, co-founder of Dallas-based Mitchell Garman Architects, had been off Facebook for over half a year when she realized she was unable to access her account. Later, she realized her account was overtaken with poorly photoshopped images promoting a bogus company’s crypto scheme on Mitchell’s account.
It’s a tactic that has become all too common, said Eric O’Neill, former counter intelligence operative at the FBI and national security strategist for cybersecurity company NeXasure.
The crypto scam that had gotten Mitchell was likely a combination of an impersonation attack, where cyber criminals make it seem like they’re someone else, and “pig butchering,” which is when scammers will try to get people to make long-term investments into bogus schemes until the scammer has the money they want, O’Neill said.
“Pig butchering is what you’re seeing a lot of in the crypto space where attackers will impersonate someone, get their target to believe the lie and continue to invest more money until the scheme is fattened up,” he said. “Then, the attacker will butcher the pig, the scam in this instance, and disappear.”
Mitchell wasn’t alone, according to the Federal Trade Commission. Crypto scams lost Americans $1.41 billion over 47,537 fraud reports, the FTC said in its 2023 data book. In 2021, the commission also said reports of cryptocurrency fraud have “skyrocketed” in recent years.
Facebook/Meta did not respond to an interview request from The Dallas Morning News. But its near 3 billion active users, many of which are fake accounts, amps the need for individuals to address online safety on social media has only grown in recent years, said Paul Bischoff, consumer privacy expert and editor at Comparitech.com.
“I think we have to take it upon ourselves to clean up our own online spaces,” he said. “We need Facebook to do more to make it a safe space for users but Facebook doesn’t have enough people to handle the volume of complaints it gets. That’s just the state of where we are now.”
Even Texas crypto leaders Lee Bratcher, founder and president of the Texas Blockchain Council, has long said that the lack of education is one of the biggest problems he hopes he can help the state address.
“The Texas Blockchain Council is strongly in favor of policies that protect consumers from scammers,” he said. “Education is the cornerstone of fraud prevention and we are heartened by the efforts of many digital asset service providers to include warnings against fraud throughout their onboarding process.”
How do you protect yourself?
It’s all about basic internet hygiene. Despite the annoyance that applying tools like two-factor authentication and using complicated passwords may bring users, it should be everyone’s first step, said Stephanie Talamantez, a former FBI agent who used to serve as an agent on cryptocurrency fraud cases.
“Fraudsters will always go to wherever they can find funds,” she said. “So I know that everyone hates it, but applying those additional steps and safeguards goes a long way.”
Mitchell’s account, which had been overtaken by the scammer, was also posting religious messages, another common tactic which users need to be wary of, Bischoff said. Scams involving religion are often called affinity scams and scammers commonly rely on people’s beliefs to get their money, he said.
But users need to keep their eye on more than just affinity scams.
Treating anything that promises big returns on an investment or anything from a suspicious account, like one with a low follower count or no mutual connections should raise a red flag, O’Neill said.
“The problem is, people trust what they see,” he said. “But we need people to change their mindset to taking a moment to see whether they can verify if whatever they’re reading is something they can trust. That’s the only way to defeat these sorts of things.”
Artificial intelligence has also changed everything in online fraud schemes. Scammers who previously may have had problems with English now have access to tools like ChatGPT which can attempt to replicate the writing styles of companies or people.
So using tools like GPTZero, which claim it can detect when something is written by AI, is another useful tool.
“The fact of the matter is that no, you did not win the lottery, the Nigerian prince doesn’t want to put all his fortune in your hands and crypto investment schemes won’t make you a millionaire overnight,” O’Neill said. “So we need people to be more diligent online. If you’re always looking for a scam, you’ll be better off in avoiding them.”