TL;DR: Pig butchering scams have matured into cross-border criminal enterprises that blend investment fraud, trafficking, and crypto laundering, with Chainalysis describing cases that led to $225 million and nearly $50 million in USDT freezes through exchange and law enforcement collaboration. The governance lesson is that trust exploitation and fund movement controls now sit alongside identity verification and fraud detection as core controls.
NHIMG editorial — based on content published by Chainalysis: pig butchering scams, fund freezes, and blockchain investigation workflows
By the numbers:
- In November 2023, Tether and OKX collaborated with the DOJ to freeze $225 million in USDT connected to human trafficking and romance scams.
Questions worth separating out
Q: What fails when identity controls stop at onboarding in scam-driven fraud?
A: Onboarding only proves something at a single point in time.
Q: Why do long-form relationship scams complicate fraud and identity governance?
A: Because they exploit human trust over time rather than exploiting a single technical weakness.
Q: How do investigators use wallet tracing to disrupt scam networks?
A: They follow the movement of funds across wallets, identify consolidation behavior, and map the addresses that act as transfer hubs.
Practitioner guidance
- Strengthen relationship-risk monitoring Add review logic for long-duration contact patterns, repeated reassurance, and low-value proof transfers that precede high-value crypto or payment requests.
- Integrate identity and fraud case workflows Connect identity verification, account recovery, and transaction monitoring so teams can correlate the same person, wallet, and communication pattern across channels.
- Preserve wallet lineage for investigations Keep immutable records of address clusters, intermediary wallets, consolidation nodes, and transfer timing so investigators can reconstruct the laundering path later.
What's in the full article
Chainalysis' full article covers the investigative detail this post intentionally leaves for the source:
- Step-by-step blockchain tracing workflow showing how investigators narrowed a broad address set to a small cluster of scam-controlled wallets.
- The wallet graph pattern used to distinguish victim transfers from consolidation and intermediary movement.
- Operational context behind the $225 million freeze and the nearly $50 million case, including how collaboration with exchanges and law enforcement supported action.
- Chainalysis' investigation lifecycle for turning suspicious transfers into evidence usable by executives, lawyers, judges, and law enforcement.
👉 Read Chainalysis' analysis of pig butchering scam investigations and fund freezes →
Pig butchering scams , what IAM and fraud teams need to watch?
Explore further
Trust engineering is now a fraud control problem, not just a consumer behaviour issue. Pig butchering works because the attacker controls the tempo of trust creation, then converts that trust into a financial action. That means identity verification, account recovery, and transaction monitoring need to work together instead of operating as separate teams. The governance gap is the assumption that fraud is only visible at login or payment authorisation. Practitioners should treat long-duration trust manipulation as a first-class risk.
A question worth separating out:
Q: Who is accountable when scam proceeds are frozen or seized?
A: Accountability is shared across the exchange, the issuer, the investigators, and law enforcement, but each party has a different role. Financial institutions need preserved evidence, clear escalation criteria, and legal review paths. Regulatory expectations often focus on timely reporting, cooperation, and controls that support recovery.
👉 Read our full editorial: Pig butchering scams are now an identity and fraud governance issue