Threat Intelligence Directory
Social Engineering
Romance Investment Fraud (Pig Butchering)
Attack Trigger
Romantic relationship leading to "once in a lifetime" investment tip
What Attackers Want
$10,000–$500,000+ in crypto or wire transfers
How This Attack Works
Attackers build a convincing romantic relationship over weeks or months via email, dating apps, or social media, then introduce a "profitable" cryptocurrency or trading platform. Victims deposit increasing amounts of money, see fake returns on a fraudulent dashboard, and are hit with fake "tax" fees before they can withdraw. By the time they realize it is a scam, funds are gone.
Red Flags to Watch For
- ✗Romantic interest moves unusually fast emotionally and professes love quickly
- ✗Person always has a reason they cannot video call in real time
- ✗Claims to be overseas — military, engineer on an oil rig, or international doctor
- ✗Introduces an investment platform you cannot find via independent research
- ✗Shows impressive portfolio returns on a private app to encourage deposits
- ✗You are asked to pay "taxes" or "release fees" before withdrawing profits
- ✗Withdrawals are always delayed or blocked by new platform requirements
How Glance Stops This
- Domain similarity analysis catches lookalike sender addresses at millisecond speed
- SPF / DKIM / DMARC validation flags authentication failures before you ever see the email
- VirusTotal + Google Safe Browsing checks every link in real time
- Urgency language detection scores the email higher for manual review
- Known malicious domain blocklist updated continuously from live scan data
Don't wait to get hit.
Glance scans every incoming email against 12 detection layers — including the exact tactics described above — before it reaches your inbox.
Protect My Inbox — Free