A Victim's Tale: Arthur's Experience

Immediately following a presentation at a recent conference in San Diego, a gentleman approached me to share his personal story of being victimized one year earlier in a cryptocurrency scam.

Arthur (name changed for privacy), age 68, had spent his entire career working as an accountant for a large food distribution company in Southern California. When the day finally came for him to hang up his suit and tie, he looked forward to spending more time with his family, especially his beloved grandson, Tommy, who was on the autism spectrum. He felt confident that the money he had saved would be enough for him to live out a simple, yet comfortable retirement.

The Rise of LinkedIn Scams

With more time on his hands, he spent 3-4 hours per day on social media. He particularly liked LinkedIn as it was a great channel to meet and follow people having common interests. One day he received a connection request from Susie Wu. Her profile was impressive, showcasing her as a senior program engineer for a large U.S. company. She was not just successful in her career, she also listed volunteer work helping children with autism. Arthur did not hesitate in accepting the invitation to connect.

Deceptive Connections: Susie Wu's Manipulation

Over the next six months, Arthur and Susie exchanged messages on various topics, including autism. They shared stories, insights, and strategies for helping children like Tommy. Arthur was grateful for the connection, as it felt like he had found a friend who truly understood the world he was part of.

The Unmasking of a Cryptocurrency Scheme

As time passed, their conversations shifted towards investments and financial planning. Susie recommended a particular investment fund that she claimed had excellent returns. Initially, Arthur was hesitant, but as he saw the impressive gains on his initial investment of $2,500, it piqued his interest. He thought about Tommy’s future and how he might need more financial security. Gradually, Susie persuaded him to invest in a cryptocurrency fund, and he trusted her judgment. What Arthur didn’t know was that Susie apparently controlled the fund. Blinded by his growing trust in her, he invested progressively more, ultimately committing almost all his retirement funds, a staggering $400,000.

Cryptocurrency Fraud: A First-hand Account

Then, without warning, Susie ceased all contact with Arthur. She stopped responding to his messages, leaving him feeling bewildered and abandoned. When he tried to contact the investment fund directly, he discovered that the phone numbers were disconnected, and their website completely disappeared. Desperation and fear gripped Arthur, as he realized that he had fallen victim to an elaborate scam. While he filed a complaint with the FBI’s Internet Crime Complaint Center (IC3) and the Federal Trade Commission (FTC), the harsh reality was that he was merely a statistic among similar cases filed by thousands of Americans each year. With his retirement nest egg all but gone, he needed to go back to work by offering tax preparation services. While he remains too embarrassed to share his story with friends, I’m glad he agreed to share it with me in hopes that he might prevent others from falling victim to such schemes.

The Anatomy of Fake LinkedIn Profiles

These cryptocurrency scams run rampant on the LinkedIn platform and share the same pattern. A fake profile is established of an individual with an impressive academic and professional history. Many of them appear as attractive Asian females having obtained their undergraduate degree and first work experience in China or Singapore before relocating to the U.S. where they obtained their master’s degree from one of five different prestigious universities followed by obtaining an impressive position with a major U.S. company. As reported in November 2022, some 1,500 fake profiles were identified having SpaceX listed as their current employer. While those profiles were eventually taken down by the LinkedIn platform, several hundred new profiles have been created and curated over the past 3-4 months allegedly working for the same firm.

Artificial Intelligence in Online Fraud

In reality, such fake profiles can be created within 25-30 minutes to include the names of prestigious universities and employers that are not verified by the platform. The profile can be built to include commonalities with the intended target. In Arthur’s case, it was autism. These fake profiles can amass over 500 legitimate connections within two weeks to include mutual connections within a target’s network. Why? Because many people will accept a connection request from people whom they do not personally know and without even taking a close look at the profile of the person. In fact, they become unwitting accomplices in the crime by adding credibility to the fraudulent profile. Today, AI is already incorporated into such schemes devised by fraudsters. While ChatGPT has a number of guardrails preventing its use to collect targeting data on an individual, such technology is already used by fraudsters without such limitations. Identified commonalities are then incorporated into the fake profile. The narrative of the profile is more robust and well-written. Finally, the profile picture is transitioning from one stolen from another person and potentially discoverable by conducting reverse image searches, to ones which are one-of-a-kind computer-generated images.

Safety Measures Against Digital Deception

3 essential online safety tips:

1. Never accept invitations to connect with people you do not personally know.

2. If you decide to connect with an unknown person, conduct Google searches to verify that this persona exists other than what appears on their profile page.

3. NEVER, EVER send money to/through someone whom you have not met in person.

Share to Aware: Combatting Online Schemes

I believe that sharing information and such personal stories is among the best ways to create awareness of such scams. Together, we can spread awareness and keep each other safe.

About the Counterintelligence Institute

Founded by former CIA senior intelligence officer Peter Warmka, the Counterintelligence Institute’s mission is to assist your corporations, government offices, academic institutions and non-profit organizations in protecting your sensitive information and personal data records against security breach attempts. Our online and onsite training services focus on transforming the human factor from being the weakest link in security to becoming the most effective defensive tool against security threats against your company and personal life.