Conversational Attacks Fastest Growing Mobile Threat

Written by

Security experts have warned of a 12-fold increase in reporting of so-called “conversational scams” like pig butchering last year, making them the fastest growing threat to mobile users in 2022.

Proofpoint explained in a new blog post that such scams typically require a much longer lead time than phishing or malware delivery. The threat actor may initially approach their target on social media or a dating site, and then look to build rapport over the weeks that follow, exchanging harmless-seeming messages.

However, the real goal for the fraudster is to make off with their victim’s information, money or credentials.

Often the victim will be lured into investing in a fake cryptocurrency scheme. This kind of pig butchering scam was responsible for driving a surge in investment fraud last year that exceeded $3.3bn in losses, according to the FBI.

Read more on pig butchering: US Authorities Seize $112m From “Pig Butchering” Scammers.

“In addition to financial losses, these attacks also extract a significant human cost. Pig butchering and romance scams both involve an emotional investment on the part of the victim,” Proofpoint warned.

“Trust is earned and then abused, which can prompt feelings of shame and embarrassment alongside the real-world consequence of losing money.”

The vendor claimed to have evidence suggesting some of the perpetrators of these scams are themselves victims of human trafficking, including one Chinese woman living in Cambodia. However, in the future, machines could take over their job, it added.

“The release of tools like ChatGPT, Bing Chat and Google Bard heralds the arrival of a new kind of chatbot, capable of understanding context, displaying reasoning, and even attempting persuasion. Looking further ahead, AI bots trained to understand complex tax codes and investment vehicles could be used to defraud even the most sophisticated victims,” Proofpoint concluded.

“Coupled with image generation models capable of creating unique photos of real-seeming people, conversational threat actors could soon be using AI as a full-stack criminal accomplice, creating all the assets they need to ensnare and defraud victims.”

What’s hot on Infosecurity Magazine?