How Scammers Use AI and Cryptocurrency to Defraud Churches

Do we really think Cryptocurrency tokens or crypto "pump and dump" schemes or pig butchering are really key defrauders of churches?

It seems weird that this would be a thing. I’m guessing most congregationally governed Baptist churches have more transparency and accountability than what’s been showing up in the news. Plus, small independent congregations are not usually into investments.

Nevertheless, it’s a thing out there…

In a number of cases, pastors have been the perpetrators of cryptocurrency scams. In July, for example, Eligio Regalado, pastor of the online-only Victorious Grace Church, was indicted for an alleged $3.4 million scheme in which he reportedly convinced his congregation to invest in a worthless cryptocurrency token, then stole most of the money. In January, another pastor, Francier Obando Pinillo, was indicted for roping his own Spanish-speaking congregation into a crypto multilevel marketing scheme.

The bigger threats noted in the article are phishing and smishing schemes.

The sending of fraudulent emails (phishing) or text messages (smishing) is not new, but AI has made it harder than ever to differentiate these fake communications from the real thing. MinistryWatch recently reported how such scams are increasingly targeting churches. Emails claiming to be from pastors ask congregation members to make donations in the form of gift cards. Criminals then use the gift card information to steal the money.

A healthy response might be to just make it official church policy that you don’t invest funds in crypto, etc., and that the church never asks for donations in the form of gift cards. Then make sure that’s well communicated to everyone.

As for pig butchering, absolutely, but the church is not the target, usually. Rather, the church is a source of intel for scammers to find vulnerable people (especially elderly) to become their targets.

The United Methodist Church’s Discipleship Ministries offers recommendations for protecting congregants’ sensitive data. This includes securing church computers, being transparent on how members’ data will be used, omitting personal information (such as a church directory) from websites, using email management software, and letting the congregation know what a legitimate appeal will entail (for example, “We will never ask for credit card information in an email”).

But I’m sure there have also been scams where the con artist attends the church and “befriends” individuals they identify as fitting the profile they like: lots of money, kind hearted, naive, easy to manipulate.