Sophos, a global leader in innovating and delivering cybersecurity as a service, has released new findings on CryptoRom scams, a subset of pig butchering schemes designed to trick users of dating apps into making fake crypto currency investments.
According to the report, since May this year, Sophos X-Ops has observed CryptoRom fraudsters refining their techniques, including adding an Artificial Intelligence (AI) chat tool, like ChatGPT, to their toolset. Scammers also expanded their coercion tactics by telling victims their crypto accounts were hacked and more upfront money is needed.
Sophos X-Ops additionally discovered that scammers were able to sneak seven new fake crypto currency investment apps into the official Apple App and Google Play stores, upping the potential for victims, the report said.
Analysing the report, the Principal Threat Researcher at Sophos, Sean Gallagher, said:
“Since OpenAI announced the release of ChatGPT, there has been broad speculation that cybercriminals may use the program for their own malicious activities. We can now say that, at least in the case of pig butchering scams, this is, in fact, happening. One of the main challenges for fraudsters with CryptoRom scams is carrying out convincing, sustained conversations of a romantic nature with targets; these conversations are mostly written by ‘keyboarders,’ who are primarily based out of Asia and have a language barrier. Using something like ChatGPT can be a more efficient and effective way to keep these conversations going, making the scams less labor intensive and more authentic. It also enables keyboarders to simultaneously engage with multiple victims at one time.”