’Til Death Do Us Part… Romance Scams and the BEC Game

Behind the Scenes with a Romance Scam Victim

How are attackers able to send and receive money without funds being directly tied back to them? During a BEC engagement, cybercriminals often use romance mules as human proxies to send money from point A to point B. In order to steal money, romance and BEC scammers will often collaborate in order to make use of stolen romance victim account information.

Connecting the Dots Between Romance Scams and BEC

While we don’t have visibility into how Jane found the person we have codenamed Beta, we do know that Beta had access to her banking account as early as March 2016. Based on open-source intelligence, this relationship with Beta may have started as early as 2013.

The Romance Wears Off

As time went on, Beta really started to wear Jane down, who started using phrases like 2tired4this and 2muchmystery for her account passwords. That said, she ramped up the distribution to include more GoBank, NetSpend, and Walmart money cards.

Scammers Remain Ruthless, Even in Death

Even in death, that’s not the end of Jane’s story. In October 2017, just one month after she passed, we have reason to believe that an actor from Scattered Canary tried to sign up for an auto loan in her name. Romance scammers are ruthless, cutthroat, and will do anything to make a dollar — or in this case, tens of thousands of dollars.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Agari is the Trusted Email Identity Company™, protecting companies and people from phishing and socially-engineered email attacks.