It started, as it almost always does, with a text from a stranger. A wrong number. A friendly correction. Then a conversation that stretched from small talk into something that felt like genuine connection. Weeks later, the stranger mentioned a cryptocurrency trading app that had been quietly making them rich. They offered to walk their new friend through a first deposit.
The app looked real. The returns looked real. The balance climbed. And then, when the victim tried to pull money out, everything collapsed: the funds froze, the stranger vanished, and the platform turned out to be a shell controlled by an overseas fraud syndicate.
Federal investigators call this “pig butchering,” a term translated from the Mandarin phrase sha zhu pan, which compares the weeks-long grooming phase to fattening a pig before slaughter. The scheme has exploded into one of the costliest consumer frauds in American history. The FBI’s 2025 Internet Crime Report, released in April 2025, documented $9.3 billion in cryptocurrency-investment fraud losses reported by Americans in 2024. When broader crypto-related fraud categories are included, the total climbs past $11 billion. The bureau logged 181,565 crypto-related complaints that year, making investment fraud the single largest driver of dollar losses across all cybercrime.
Dividing total reported crypto-investment losses by the number of complaints yields an average loss of roughly $177,000 per victim, a figure that has circulated widely in news coverage since the report’s release. The FBI’s public data does not break out a precise median, so the true “typical” loss could be lower, pulled upward by catastrophic six- and seven-figure cases. What court records and victim statements make unmistakable is the depth of financial destruction: many people drain retirement accounts, take out home-equity loans, or borrow from relatives before discovering the deception.
How the scam works, step by step
Pig-butchering operations run on a remarkably consistent script, refined across thousands of victims. The opening move is designed to feel accidental or organic: a misdirected WhatsApp message, a LinkedIn connection request from someone with a polished profile, a flirtatious opener on Hinge or Bumble. Scammers use stolen photos, AI-generated headshots, and carefully researched personal details to build a believable persona. Conversations often continue for weeks or months before money ever comes up.
Once the target is emotionally invested, the scammer introduces a trading platform. The app or website is professionally designed, sometimes mimicking the branding of legitimate exchanges down to the favicon. Early deposits appear to generate real gains. Small withdrawals may even be permitted to build confidence. The trap closes when the victim commits a larger sum. Requests to cash out are met with demands for “tax payments,” “verification fees,” or “compliance deposits,” each one a fresh extraction disguised as a bureaucratic hurdle.
Behind the scenes, the funds are typically converted into Tether (USDT) or other stablecoins and routed through layered blockchain transactions designed to obscure their origin. By the time a victim realizes what has happened, the money has often crossed multiple chains and jurisdictions.
The compound operations behind the screen
Many of the people typing those friendly messages are themselves victims. Investigations by the FBI, the State Department, and journalists have documented sprawling compound facilities in Myanmar, Cambodia, Laos, and the Philippines where trafficked workers are forced to run scam operations under threat of violence. Workers are often lured by fake job postings, have their passports confiscated on arrival, and face beatings or electric shocks if they fail to meet fraud quotas.
The Justice Department’s Scam Center Strike Force has announced coordinated actions against several of these Southeast Asian compounds. Those actions, detailed in DOJ announcements in early 2025, included criminal charges against alleged ringleaders, the seizure of 503 fraudulent investment websites, and the dismantling of a Telegram channel used to recruit trafficking victims who were then forced to staff the operations. The State Department has offered rewards of up to $10 million through its Transnational Organized Crime Rewards Program for information leading to the financial disruption of scam hubs in Burma, reflecting Washington’s view of pig butchering as both a cybercrime epidemic and a human-rights crisis.
What law enforcement is doing to fight back
Federal agencies have moved on multiple fronts. Through Operation Level Up, FBI agents have proactively contacted thousands of people identified as active or imminent targets of investment schemes, often before those individuals realized they were entangled in a fraud. The bureau has said the outreach has also surfaced victims in acute emotional distress, prompting referrals to suicide-prevention and mental-health services.
Prosecutors are simultaneously working to claw back stolen funds. In one notable case, the U.S. Attorney’s Office for the District of Columbia filed a civil forfeiture action seeking to recover roughly $2.5 million in USDT held in two Binance accounts. Court filings in that proceeding, captioned United States v. 2,546,415.01 USDT, allege that pig-butchering operators converted victim deposits into Tether and shifted them across blockchain networks. Investigators used blockchain-analytics tools, exchange compliance records, and cooperation from foreign partners to trace the funds.
Recovery, though, remains the exception. The speed of crypto transactions and the opacity of decentralized protocols mean that by the time a suspicious-activity report reaches investigators, the money has often been laundered or converted to cash in jurisdictions with limited cooperation agreements.
Red flags the government wants banks to catch
Financial regulators have tried to push defenses further upstream. In 2023, the Treasury Department’s Financial Crimes Enforcement Network issued a formal alert labeling pig butchering a prevalent virtual-currency scam. The notice laid out red-flag indicators for banks and money-service businesses: customers wiring large sums to newly opened accounts, sending repeated transfers to offshore exchanges at the direction of an online contact, or referencing “investment coaches” they have never met in person. FinCEN reminded institutions of their obligation to file suspicious-activity reports when these patterns surface.
Despite that guidance, enforcement remains uneven. Many victims fund their initial deposits through domestic wire transfers or peer-to-peer payment apps like Zelle and Venmo that fall outside traditional bank-monitoring systems. The gap between where regulators are watching and where the money actually moves remains one of the scheme’s most durable advantages.
What we still don’t know
As of mid-2026, several important questions remain open. The FBI’s aggregate loss figures do not break down victim demographics by age, geography, or detailed loss distribution in publicly available documents. Without that data, it is difficult to say which communities are bearing the heaviest burden or how common the six-figure losses highlighted in news coverage truly are relative to smaller-dollar cases.
The role of generative AI in scaling these schemes is another gap. The FBI has warned that fraudsters are experimenting with AI tools to generate convincing profile photos, automate chat scripts in multiple languages, and tailor pitches to individual targets. But the bureau’s public materials do not quantify how often AI was deployed in the reported losses, nor do they distinguish between heavily automated operations and those still driven mainly by human operators working from scripts inside compound facilities.
Technical details are also thin. The USDT forfeiture complaint describes fund flows across multiple blockchains but does not name the specific fake trading apps or web domains victims were directed to use. The FBI’s press releases and FinCEN’s alert describe common tactics without listing particular wallet addresses or software toolkits, limiting the ability of security researchers and potential victims to identify active scam infrastructure in real time.
How to protect yourself before the first deposit
Law enforcement officials and consumer-protection groups point to the same warning signs. Be skeptical of any unsolicited message from a stranger that eventually steers toward investing. Verify any trading platform through the SEC’s registration database or FINRA’s BrokerCheck before depositing a dollar. Never send cryptocurrency to a wallet address provided by someone you have only met online. And treat any promise of “guaranteed” returns as a near-certain indicator of fraud: legitimate investments carry risk, and anyone who says otherwise is selling something.
If you suspect you are already involved in a pig-butchering scheme, the FBI urges victims to file a complaint with the Internet Crime Complaint Center at ic3.gov and to contact local law enforcement immediately. Acting quickly improves the odds that investigators can trace and freeze funds before they are moved beyond reach.
The losses reported in 2024 nearly tripled the $3.96 billion the FBI documented the year before. Every indication from ongoing federal cases and the proliferation of compound operations suggests the problem is still growing. The best defense remains the simplest one: if a stranger you met online is eager to show you a trading app, the person being set up for slaughter is you.
Warren Cohen is a finance writer based in Phoenix, Arizona, covering personal finance topics including credit, banking, and beginner investing. He earned his degree in business administration from Arizona State University and began his career working in consumer finance, where he gained direct experience with lending and credit systems. He now writes for personal finance websites and fintech platforms, focusing on clear, practical content that helps readers make informed financial decisions.
