Your bank account may be at risk as $44 million pig-butchering scam is exposed
Reporting Highlights
- Struggling Gatekeepers: In the face of some $44 billion a year in pig-butchering scams conducted by Asian crime syndicates, U.S. banks have failed to prevent mass scale money laundering.
- Black Market Bank Accounts: Chinese-language Telegram channels offer to rent U.S. bank accounts to pig-butchering scammers, who use the accounts to move victims’ cash into crypto.
- One Address, 176 Clients: Bank of America allowed hundreds of unverified customers to open accounts, prosecutors alleged, including 176 who claimed the same small home as their address.
These highlights were written by the reporters and editors who worked on this story.
Brian Maloney Jr. was flummoxed when he was served with a lawsuit against his family’s business, Middlesex Truck and Coach, in January. Maloney and his father, also named Brian, run the operation, located in Boston, which boasts that it can repair anything “from two axles to ten.” A burly man in his mid-50s who wears short-sleeved polo shirts emblazoned with the company name, Maloney Jr. has been around his dad’s shop since he was 8. The garage briefly surfaced in the media in 2012 when then-presidential candidate Mitt Romney made a campaign stop there and the Boston Herald featured Maloney Sr. talking about how he had built the business from nothing in a neighborhood he described as having been a “war zone.”
Now Middlesex was being sued by a New Jersey man who claimed he had been defrauded of $133,565 in a cryptocurrency scheme. The suit claimed Middlesex “controlled and maintained” a bank account at Chase that had been used to collect the fraudulent payment. The purported victim wanted his money back.
None of this made any sense to Maloney Jr. His company did not have an account at Chase, and he barely knew what crypto was. “For God’s sake, we fix trucks and still have AOL,” he would later say.
It was only after Maloney went to Chase to investigate that he was able to piece together at least part of the explanation. It turned out that Chase had allowed an unknown individual, who applied online with no identification, to open an account under Middlesex’s name, according to information Chase provided to Maloney. The account was then used to solicit hundreds of thousands of dollars from fraud victims, including the $133,565 from the man who was now trying to reclaim his funds.
Middlesex’s experience, as bizarre as it seems, is part of a global problem that plagues the banking industry. The account falsely opened in Middlesex’s name, and many others like it, are way stations in a sophisticated multistep money laundering process that transports cash from U.S. scam victims to crime syndicate bosses in Asia.
There’s been an explosion in international online fraud in recent years. Particularly widespread are “pig-butchering” schemes, as ProPublica reported in 2022. The macabre name derives from the process of methodically “fattening” victims by getting them to contribute more and more money to an investment scheme that seems to be succeeding, before eventually “butchering” them by taking all their deposits. Often operated by Chinese gangs out of prison-like compounds in Cambodia, Laos and Myanmar, pig-butchering in that region has reached a staggering $44 billion per year, according to a report by the United States Institute of Peace, and it likely involves millions of victims worldwide. The report called the Southeast Asian scam syndicates the “most powerful criminal network of the modern era.”
A huge portion of such fraud is transacted in cryptocurrency. But given that the typical consumer doesn’t own crypto, many scams unfold with a victim tapping a traditional bank account to wire dollars to swindlers, who receive the funds in their own accounts, then convert them into crypto to move across borders. Later in the process, the scammers will typically transfer their crypto back into standard currency.
Bank accounts are so crucial to this process that a thriving international black market has developed to rent accounts for fraud. That, it seems, is how a Chase account in the name of Middlesex ended up as a repository for the proceeds of pig-butchering.
The huge demand for accounts used for misbehavior gives banks a crucial, and not always welcome, role as gatekeepers — a responsibility required by U.S. law — to prevent criminals from opening accounts or engaging in money laundering. Yet from the U.S. to Singapore, Australia and Hong Kong, banks have consistently failed at that responsibility, according to experts who have investigated money laundering, as well as reviews of fraudulent account details shared by victims and court cases reviewed by ProPublica. The list of financial institutions whose accounts pig-butchering scammers have made use of includes global behemoths like Bank of America, Chase, Citibank, HSBC and Wells Fargo and many other U.S. and foreign lenders.
The banks said in statements to ProPublica that they make extensive efforts to fight fraud by investing in systems to detect suspicious activity and to report it to authorities (read the banks’ statements here). The American Bankers Association, which represents the industry, acknowledged that “with more than 140 million bank accounts opened every year bad actors can sometimes get through despite determined and ongoing efforts to stop them.” But the group said other industries like telecommunications providers and social media platforms need to do more to fight fraud because there’s only so much that financial institutions can do.
Pig-butchering scams present some unique challenges for banks. Among other things, a customer in thrall to a fraudster will sometimes foil their own bank’s attempts to prevent them from sending money to a criminal. And foreign-based scammers have become adept at finding middlemen in the U.S. to exploit the banking system. “Cyber-enabled fraud operations in Southeast Asia have taken on industrial proportions,” according to an October report by the United Nations Office on Drugs and Crime. John Wojcik, one of the authors of the report, told ProPublica, “Banks have never been targeted at this scale, in these ways.”
It doesn’t help that there are “no real standards as to what a bank has to do for detecting fraud or money laundering,” said Lester Joseph, a financial compliance consultant who used to oversee money laundering cases at the Department of Justice and later worked at Wells Fargo. The main law governing U.S. compliance regimes, the Bank Secrecy Act, requires financial institutions to maintain programs to know their customers and to detect and report suspicious activity to the government. That might mean noticing, say, that a newly opened account is suddenly receiving and sending hundreds of thousands of dollars of wire payments each month.
But it is up to banks to design those programs. The regulations don’t even require that the programs be effective. That gives banks wide flexibility on how much due diligence and monitoring to do — or not do. More scrutiny upfront means slowing down business and adding costs. Many banks don’t ask questions until it’s too late.
If you’re a criminal looking to obtain a bank account with no pesky formalities, it’ll take you only minutes to find one on the messaging app Telegram. Chinese forums there feature ads for “cars” or “fleets” — bank accounts or other online payment platforms that can be used to collect stolen funds. (The vehicle metaphor stems from the fact that in Chinese slang, money laundering operations are known as “motorcades.”) One Telegram ad offered accounts at PNC, Chase, Citi and Bank of America and boasted of “firsthand” control of the accounts: “People can go to the bank to transfer money,” the ad said.
Another Telegram channel listed various flavors of pig-butchering scams for which it provided bank accounts. The group, named KG Pay, boasted of accepting wire transfers, making withdrawals from U.S. banks and converting deposits into crypto to transfer them to scammers. KG offered to handle deposits of up to $1 million in accounts that imitate “normal business transactions.” To avoid suspicion, KG said, it sliced big amounts into smaller batches. If banks grew suspicious and froze one of its accounts, KG said, it had agents ready to call customer service to persuade them to lift the freeze. For smaller transfers, a video tutorial inside the channel showed how easy it was to send cash using the Chase app. (Telegram deleted the KG Pay channel after ProPublica asked about it. In a statement, Telegram said it “expressly forbids money laundering, scams and fraud and such content is immediately removed whenever discovered. Every month, over 10 million accounts, groups and channels are removed for breaching Telegram’s terms of service — including rules that prohibit money laundering and fraud.”)
Demand for money laundering is huge in Sihanoukville, a seedy gambling hub in Cambodia notorious for hosting massive scam operations. In some hotels above casinos there, blocks of guest rooms have been converted into offices where workers help fraudsters find motorcades to move illicit funds, according to a 2024 report by a doctoral anthropology student.
Inside those offices, the tap of keyboards and buzz of Telegram notifications suggested a trading floor at a stock exchange. But the work of the people interviewed by Yanyu Chen, the doctoral student, was very different. The workers, all Chinese and speaking on the condition of anonymity, were candid. They said they were tasked with matching cyberscam gangs with providers who could supply them with bank accounts to collect and move proceeds from fraud victims. In Telegram chat groups, the workers could see bank account suppliers and swindlers in need of accounts and would match the two and keep track of trades and commissions.
The business has become so mainstream that even one of Cambodia’s most prominent financial services firms, Huione Group, runs an online marketplace that allegedly facilitates such transactions. Its Telegram channels, including the one that included the aforementioned ad offering “firsthand” control of U.S. bank accounts, have helped launder funds for pig-butchering scams as well as heists linked to North Korea, according to the U.S. Treasury’s Financial Crimes Enforcement Network. (Huione said in a statement that it is working to prevent abuse of its services and is “fully committed to collaborating with the U.S. Treasury Department to address expeditiously any and all concerns.”)
The workers interviewed by Chen were unperturbed about enabling fraud. One described the work as boring, little more than copying and pasting bank account info between scammers and motorcades. Another worker told her that he viewed himself as “solving a very old problem of getting into the banking system people who have long been shut out of it.”
The fraud that ensnared Middlesex Truck and Coach as a tangential victim covered thousands of miles via electronic byways. By all appearances, it emanated from Cambodia, then reached New Jersey, where a mark was persuaded to wire a total of $716,000 to accounts tied to purported businesses in Boston, New York, California, Hong Kong and elsewhere. All but a few appeared to have been incorporated by Chinese individuals, sometimes just days before their accounts started accepting large sums.
The fleecing of Kevin, who ProPublica agreed to identify by first name only, was a textbook example of pig butchering. Kevin had reached the stage in life when he wanted to ease his workload after a varied career as a financial planner, small-business owner and fitness instructor. Just before Christmas 2022, someone purporting to be a San Diego woman named Viktoria Zara friended Kevin on Facebook. She soon introduced him to a sleek crypto trading website called 3A on which she claimed to have made $700,000 on bitcoin futures. (Facebook deactivated Zara’s profile after ProPublica inquired about it, and a spokesperson said the social media company has “detected and disrupted over seven million accounts associated with scam centers” in Asia and the Middle East since the start of 2024.)
Kevin acknowledges he was seduced by the thrall of easy money. “Something came over me,” he said. Kevin accepted Zara’s offer to teach him how to trade and, within a few weeks, he was routinely wiring tens of thousands of dollars to various bank accounts to fund his trading.
The accounts were not registered to 3A. They were listed under a variety of companies he’d never heard of, such as Guangda Logistics and Danco Global.
Kevin found this odd. But Zara, his supposed friend, told him that was just how 3A operated, and Kevin felt safe wiring funds to accounts at Chase because of its size and reputation. Every time he did so, the sum showed up in his online 3A portal, making him think the transactions were real. Better yet, his investments had apparently soared; his account balance now read $1.4 million.
Like many a pig-butchering victim, Kevin realized something was off only when he went to withdraw his profits and 3A demanded that he first pay a “tax” of almost $134,000. Kevin knew from his financial planning days that wasn’t how things worked. But he set aside his doubts and went to his bank late one afternoon in April 2023 to wire the tax payment. He’d been given a fresh Chase account to send funds to and pressured to wire money within two hours.
This time, his money was addressed to Middlesex Truck and Coach. Kevin was so under the sway of his scammers at that point that he did not question the money’s destination. Nor did the teller at the TD Bank branch he went to. (TD declined to comment on Kevin’s case but said it trains employees to challenge customers when transactions seem suspicious and to warn them never to wire funds to people they do not know.)
As soon as Kevin got home, panic set in: 3A told him the Chase account to which he’d just wired $134,000 was frozen and that his tax payment would not go through. He would need to send another $134,000 to a different account. Confused, Kevin went back to TD first thing the next day and asked the teller to reverse the wire. Over the next two weeks, Kevin said, his bankers at TD called Chase three times but never got a response. (Chase did not answer ProPublica’s questions about Kevin’s efforts to recall his wire but said the wire recall process is challenging and rarely succeeds.)
It is possible to reverse a wire transfer if customers inform their banks quickly, before the transaction has been completed, according to lawyers and experts. But banks have no obligation to reverse a transfer even when a customer reports potential fraud. “It’s really up to the receiving institution if they release the funds and how they go after the customer on their end,” said Saskia Parnell, a banking industry veteran who now volunteers for an anti-scam group called Operation Shamrock.
As Kevin agonized, the 3A customer service reps dangled a solution: Just wire the funds again and unlock your $1.4 million. He feared TD wouldn’t let him send the wire again, so he switched to PNC Bank and sent a fresh $134,000 wire to another recipient at Cathay Bank in California. That yielded yet another tale about a purported government roadblock and the demand for yet another payment.
Kevin wasn’t thinking clearly. His son, who had struggled with substance abuse, had suddenly died of a fentanyl overdose. Kevin was overwhelmed with grief. He agreed to make another payment.
By June 2023, even a call from PNC’s fraud department declining his outgoing wire could not dissuade him. It was the only instance, out of the 11 times he attempted to wire money to scammers, that a bank stopped the transaction, according to Kevin, who did not have a history of making wire payments before. (PNC said in a statement that “we believe we took appropriate action.”)
It made no difference. Kevin’s mind was so clouded that he instead opened a new account at Wells Fargo. The switch illustrated another challenge: Even if one bank succeeds in preventing fraud, criminals can still win if another bank isn’t as diligent. (Wells Fargo said it invests hundreds of millions of dollars a year to fight scams).
After wiring $150,000 from Wells Fargo to two Chinese entities listed at a Singaporean bank, Kevin waited to receive his trading proceeds. But when all that resulted was another request that he wire money — $40,000 this time — Kevin finally grasped reality. He was now without a son, and his finances lay in ruins. “The whole world was coming to an end,” he recalled.
Kevin had preserved enough savings to hire a private investigator, John Powers of Hudson Intelligence, to follow the financial trail. Powers found a litany of red flags among the entities that had gotten bank accounts and received Kevin’s funds. Some of the businesses gave phony addresses, such as a vacant home. Another was registered to a one-bedroom apartment in Los Angeles that was also listed as the headquarters of a dozen other businesses set up since 2022 by different Chinese individuals. Contact info was scarce; official emails for two companies included the temporary email domain “netsmail.us,” which doesn’t connect to a functioning website. All of these ersatz businesses had accounts at Chase, Cathay or Singapore’s DBS Bank.
Chase said that it has policies to identify and verify the identities of its customers, and that it continually evaluates and enhances them. Cathay said it also reviews its systems and policies to detect and prevent fraudulent activity. DBS did not respond to requests for comment.
Another clue indicated that the banks had been doing business with a larger criminal enterprise. Two of the companies Kevin sent funds to, Guangda Logistics (which lists no contact information) and Danco Global (which did not respond to ProPublica’s request for comment), showed up on a list of more than six dozen shell entities that had been used to defraud Americans of nearly $60 million. The information was uncovered in an investigation by the U.S. Secret Service into KG Pay, one of the money laundering groups that was on Telegram.
The case of the man behind KG Pay sheds further light on how motorcades use U.S. banks. Daren Li, a Chinese national in his early 40s, went by the alias KG Perfect. Based in Cambodia, he directed the movement of large sums of pig-butchering proceeds from the U.S. to overseas. Li, who was arrested in April 2024 at the airport in Atlanta, pleaded guilty in November to conspiracy to commit money laundering. He admitted that at least $73.6 million of victim funds were deposited into bank accounts he and his co-conspirators controlled. Li, who is in federal detention awaiting sentencing, could not be reached for comment through his lawyer. Seven other people have pleaded guilty to conspiring with Li.
KG exploited a weakness in the U.S. banking system: Banks are reluctant to share account information, even after they’ve identified suspicious activity. A law enacted in the wake of the Sept. 11, 2001, attacks gave banks a reprieve from secrecy rules if they alert one another to potential terrorism or money laundering activities. But the information sharing is voluntary and “banks are not communicating with each other,” according to Matt O’Neill, who led many money laundering investigations for the U.S. Secret Service during his 25 years there. “Fraudsters know it and fraudsters are clearly making hundreds of millions or billions of dollars off of this glaring gap in the system,” said O’Neill, who now runs 5OH Consulting.
One of the most prolific cogs in Li’s motorcade, according to civilandcriminalcases, was a Chinese national named Hailong Zhu. He entered the U.S. on a tourist visa around 2019 and then stayed, working odd jobs in construction and at a restaurant. In 2022, Zhu was recruited to help Li’s other operatives set up businesses and bank accounts near Los Angeles in exchange for $70,000.
Zhu turned the assignment into a full-time job, eventually juggling seven accounts at Bank of America, Chase, East West Bank and Wells Fargo tied to two entities set up in his name: Sea Dragon Trading and Sea Dragon Remodel. When Bank of America restricted Zhu’s Sea Dragon Trading account due to suspected fraud on Oct. 19, 2022, Zhu got another account at Bank of America the next day using Sea Dragon Remodel. By Nov. 1, 2022, he had secured four more accounts at Chase, Wells Fargo and East West Bank. Except for varying his address and email, investigators found that Zhu provided largely the same info when opening accounts for the two shell entities.
Zhu’s account opening spree happened just a few months after federal prosecutors blamed “the corruption of BofA bankers” for a scheme in which a handful of employees opened 754 accounts at Bank of America registered to 13 false addresses in the Los Angeles suburbs. In that case, shadowy middlemen dispensed bribes of $200 to $250 per account to Bank of America employees who overrode internal compliance systems to open accounts for overseas Chinese citizens who weren’t physically present at the branch to open the accounts, in violation of the bank’s rules. Even when the bankers registered 176 customers to one small home, the accounts were still opened. (Two of the bankers later pleaded guilty to making false entries in bank records; Bank of America said in a statement that it “uncovered illegal activity using its monitoring systems, terminated the employees, and cooperated with law enforcement, who successfully prosecuted those involved. This is how our anti-money laundering program is designed to work.”)
With banks always one step behind, Zhu’s accounts kept receiving hundreds of thousands of dollars from victims across the U.S. Zhu would bundle the proceeds and transfer them abroad. During one week in November 2022, for example, he received six wires totaling almost $52,000 into one of his accounts and wired out one lump sum of $53,000. The destination was a bank account in the Bahamas controlled by Li and others, who converted the funds into cryptocurrency for their journey to scam centers located overseas, including in Sihanoukville. Investigators discovered a crypto wallet address they believed Li controlled. Data from cryptocurrency analytics firm Crystal Intelligence shows the wallet address sent and received about $341 million of crypto across 16,800 transactions between April 2021 and April 2024.
Zhu was arrested in March 2023 and charged with bank fraud. His lawyers acknowledged at trial that their client opened bank accounts and moved funds but said that Zhu did not know his bosses were using them for criminal purposes. Zhu was acquitted after the attorneys persuaded the trial judge that using false information to obtain a bank account does not constitute a scheme to defraud a bank. Only months after the acquittal, Zhu was charged again, this time with money laundering offenses, in an indictment filed in December 2023. Zhu, who couldn’t be reached for comment, did not enter a plea and was listed as a fugitive as of March 2025.
In January 2024, Kevin, desperate to get his money back, sued the 10 companies to which he had wired money at the scammers’ behest, including Middlesex Truck and Coach. None replied to his lawsuit — most were shell entities, after all — until January 2025, when Kevin’s lawyer got an email from Brian Maloney Jr.
Maloney confessed that his staff had ignored the lawsuit when it was initially served because it looked like a scam. He said he’d never banked with Chase and had no idea about any account that had been used to defraud Kevin. Maloney agreed to go to the local Chase branch to investigate and try to help Kevin get his money back.
“I went to the bank and said, ‘What the hell is going on?’” Maloney told ProPublica. After spending nearly two hours with the local Chase branch manager, Maloney realized that he, too, was a victim of the bank’s lax procedures: He said the branch manager told him that Chase had allowed someone to obtain an account online in his company’s name in March 2023 with nothing more than a digital signature and an employer identification number, but no personal identification. That account had then accepted hundreds of thousands of dollars of wire transfers. And now Maloney’s family business — not Chase — was the defendant in a lawsuit. “How is this legal?” he wondered. (Colin Schmitt, a retired FBI agent, said Chase could have mitigated the fraud by at least pausing incoming wire transfers to the fake Middlesex account and asking its owner to justify the transactions. “If you’re just using an account just for wires, that’s a big red flag,” Schmitt said.)
Still, there was a silver lining: The funds remained in the account. Not only Kevin’s $134,000, but almost $100,000 more from several other victims sat frozen inside since spring 2023.
Kevin was glad the money was still there, but he wondered why it took a lawsuit to unearth the info. “It does not seem like the system is tailored to give any deference to the victim,” he said. “That’s what frustrates me.” His lawyers advised him to seek an order from a federal judge to get his funds back and filed such a petition in March. After ProPublica asked Chase about Kevin’s funds in April, the bank agreed to return the money to him without a court order.
The $134,000 landed back in Kevin’s bank account in mid-May. Finally, he felt a sense of relief. (He has now dropped the suit against Middlesex.) But Kevin also wondered what would happen to the other people whose money got siphoned up by the fake Middlesex account. Would Chase wait for them to file lawsuits too?
Banks are starting to face lawsuits by pig-butchering victims who allege laxness in opening accounts. In December, a California man who was defrauded of nearly $1 millionsued DBS and two other banks for alleged failures to comply with know-your-customer and anti-money-laundering laws. A college professor from Iowa who lost $700,000filed a lawsuit in January against Hang Seng Bank in Hong Kong for failing to do proper due diligence on the people who opened accounts used to defraud him. Hang Seng reached an agreement with the Iowa professor to dismiss the suit and declined to comment further. DBS did not reply to requests for comment on the California case, but the bank asserted that the lawsuit contains “fatal flaws,” according to a filing in the suit.
Such cases are long shots, according to Carla Sanchez-Adams, senior attorney at the National Consumer Law Center. The suits typically fail because it’s hard to show that financial institutions knew or should have known about potential fraud.
Still, banks are well aware that fraud is on the rise. Nearly 1 in 3 Americans say they have been the victim of online fraud or cybercrime, according to a 2023 poll commissioned by Wells Fargo. “The scale of fraud taking place every day is a massive burden for our country and for the millions of hard-working women and men whose lives are affected by it,” Rob Nichols, president of the American Bankers Association, said in an October speech.
Nichols contends that “consumers credit the banking industry with doing more than other industries to protect them from fraud and keep their information safe.” He cited an initiative by the ABA to create a database of fraud contacts to help banks figure out who to call when there’s a problem. And he urged the Trump administration to develop a national fraud prevention strategy.
Other countries are taking more aggressive steps. In October, the U.K. began requiring banks to reimburse scam victims up to £85,000, or about $116,000, per claim when they make a fraudulent payment on behalf of their customers, even if the customers authorized the transfer. Australia recently enacted a law that will require banks to share suspect account info with one another. Thailand has gone even further, creating a Central Fraud Register intended to compel banks to identify and close accounts used for money laundering.
The U.S. lacks such rules. O’Neill, the former Secret Service agent, thinks that updating the Patriot Act, the post-9/11 law meant to encourage banks to share intel, would be a good place to start. But Congress has not moved in that direction and the Trump administration has shown no sign that it plans to prioritize this issue. (Asked what steps the administration is taking, a spokesperson told ProPublica to Google the administration’s sanctions related to pig-butchering scams.)
For now, bank accounts remain easy for fraudsters to obtain. A sleek-looking brokerage akin to 3A has been online for months, soliciting deposits for what a researcher at the Global Anti-Scam Organization identified as a pig-butchering scheme. Anyone wishing to “invest,” the brokerage said, can wire money to a shifting array of banks, including Chase.
Doris Burke contributed research.