Words Matter: Why Interpol Wants to Stop Victim Shaming

Phil Muncaster asks whether changing commonly used terminology can really impact cyber crime reporting

Cyber crime reporting is worryingly low. According to one estimate from the Crime Survey of England and Wales (CSEW) only 13% of fraud cases are reported to Action Fraud or the police by victims. National Trading Standards reckons the figure is more like 32%.

It means estimated victim losses of $652m (£801m) to romance and confidence fraud in 2023 are likely to be just the tip of the iceberg. That’s part of the reason why Interpol wants industry to do more to encourage victims to come forward. A good start, it argues, is to change the way we refer to victims of a particularly prevalent romance/investment scam hitherto known as “pig butchering”.

But can changing the way we refer to cyber crimes really have the desired effect? Or is the policing group overthinking things?

Romance baiting is the new pig butchering

Pig butchering derives its English moniker from the Chinese word “shazhupan”, which roughly equates to “killing pig game”. It refers to the way victims are often approached on dating sites by scammers, who then try to build a trusted relationship with them – “fattening them up” for the kill. Once the fraudster has won over hearts and minds, they will then suggest their victims invest in a fake crypto scheme or similar. By the time they realise it’s all a con, it’s too late for the victim. The animal has already been metaphorically slaughtered, and their hard-earned cash is gone.

“While reporting rates for all crime is 79%, it drops to just 36% for cyber-related incidents”

Interpol’s argument is that using such language shames victims to the point where they may not be keen on coming forward. The policing group wants “romance baiting” to enter the cybersecurity lexicon instead.

“Words matter. We’ve seen this in the areas of violent sexual offences, domestic abuse, and online child exploitation. We need to recognise that our words also matter to the victims of fraud,” says Interpol acting executive director of police services, Cyril Gout.

“It’s time to change our language to prioritise respect and empathy for the victims, and to hold fraudsters accountable for their crimes.”

Is Interpol right?

This isn’t the first time that a call has gone out to change specific cyber crime terminology. Back in 2020, the National Cyber Security Centre (NCSC) led a largely successful push to change “black/whitelist” to the more racially neutral “denylist/allowlist”. The terms “black hat” and “white hat” are far less common today for similar reasons. And the maintainers of programming language Python replaced terms “slaves” to “workers” or “helpers” and “master process” to “parent process”.

But does Interpol have a point about “pig butchering”? There’s certainly a case for saying that some cyber crimes can have a particular emotional impact on the individual, especially those where the victim has been betrayed by someone they thought could be trusted. It can cause distress, shame and feelings of helplessness. One victim of a historic dating scam even told researchers she felt like the experience was akin to being “mentally raped”.

“Language in relation to fraud should be considered and extremely carefully selected, and only done so with an evidence-based reasoning behind it” Dr Elisabeth Carter

Elisabeth Carter is an associate professor of criminology and forensic linguist at Kingston University London. She agrees that language can have a “huge impact” on victims and societal narratives.

“The terminology ‘pig butchering’ is used by criminals intent on harm. It is pejorative, dehumanising and it does harm victim reporting, victim self-identification, self-esteem, recovery, and harms societal narratives around fraud victimhood which also in turn feds into barriers to reporting,” she tells Assured Intelligence.

“Language is the very way in which criminals engage with and attack victims, using this to create an alternate reality where victims believe they are making reasonable choices, but in fact are being exploited and harmed financially and psychologically. The terms we use when communicating with the public are therefore all the more important. Far from being a distraction or overthinking, language in relation to fraud should be considered and extremely carefully selected, and only done so with an evidence-based reasoning behind it.”

KnowBe4 lead security awareness advocate, Javvad Malik, agrees up to a point.

“Kudos to Interpol for recognising the power of words. They’re not wrong – language can indeed be a barrier to reporting crimes,” he tells Assured Intelligence. “On one hand, changing terminology could potentially confuse the public. But if the current terminology is preventing victims from coming forward, then it’s worth solving the issue.”

The power (or not) of words

Kingston University’s Carter highlights other ways in which language can in subtle ways undermine the fight against cyber crime and fraud. Although the language, manipulation and silencing tactics used by fraudsters are similar to those of domestic abusers, many people still say victims “fell for fraud” – which implies they were in some way to blame for being tricked, she argues.

“We wouldn’t say ‘don’t fall for domestic abuse’”, Carter adds. “Similarly, ‘scam’ should be avoided, as it minimises the crime, which is fraud, and ‘money you lost’ should instead be ‘money that was stolen/taken from you.’”

However, others expressed scepticism over Interpol’s calls. Silvija Krupena has over two decades of experience in financial crime prevention and is currently director of the financial intelligence unit at RedCompass Labs. She tells Assured Intelligence that Interpol should be focusing on policing crime, not language.

“Let’s go beyond wordplay and focus on what matters – education and prevention. That’s how we disrupt the cycle of cyber crime” Silvija Krupena

“These scams are bleeding hundreds of billions annually. Do we seriously believe terminology is what’s keeping victims from reporting?” she argues. “Changing the term now adds friction, inefficiency and confusion to an already overwhelmed industry. And for what? Victims aren’t holding back because of terminology – they’re devastated, afraid and focused on recovery, not word choice.”

Krupena adds that “romance baiting” is far from ideal as a replacement, as not all pig butchering fraud involves a romance element.

The bigger picture

It is, of course, difficult to calculate just how under-reported cyber crime is. But it’s not impossible. Victim support group The Cyber Helpline estimates that, while reporting rates for all crime is 79%, it drops to just 36% for cyber-related incidents. That’s bad news not just for the victims, but also UK PLC, because it means the perpetrators are more likely to continue operating with impunity – and may turn their attention to business targets.

If the government can’t even get a proper picture of how widespread specific crime types are, and who is committing them, it will hamper both efforts to design effective public policy, and the ability of law enforcers to track down specific offenders. It’s one of the reasons why the new Labour government has made mandatory incident reporting a key part of its forthcoming Cyber Security and Resilience Bill.

“Gaining a more accurate picture of the scale of the problem is the first step towards tackling it”

Yet there’s more to encouraging incident reporting, especially among individual victims, than changing the way certain crimes are referred to. Krupena wants to see “bold transnational awareness campaigns” focused on breaking the stigma that fraud victims are caught out because they are “stupid” in some way.

“The campaigns should educate on red flags and warning signs, protecting both victims recruited by traffickers to run scams and those targeted by them,” she continues. “These efforts must start on social media, especially Meta platforms, and then telecommunication providers; the next biggest channel. Let’s go beyond wordplay and focus on what matters – education and prevention. That’s how we disrupt the cycle of cyber crime.”

According to Home Office research from over a decade ago which The Cyber Helpline claims is still relevant today, cyber crimes are also under reported because of a perception that the police can’t or won’t do anything to solve them. This in turn is influenced by a perception that digital offences are not ‘real’ crimes. Victims may also not consider themselves to be such if they’ve been refunded money stolen by fraudsters.

Yet here too language may have a part to play.

“We need to avoid saying ‘you will get your money back’, as it is not the victim’s money that is coming back; that money has gone to feed criminal enterprises,” Carter argues. “We need to instead say ‘you will be made financially whole’ or ‘you will be reimbursed’, because framing it as the victim getting their money back feeds into the wider misperception that once this is done there was no harm.”

In fact, fraud causes tremendous economic and societal harm. The proceeds of fraud are often reinvested into other nefarious activities, including cyber crime, drugs, gun running and even human trafficking. The challenge is so acute that one noted think tank has described fraud as a threat to national security. In this context, gaining a more accurate picture of the scale of the problem is the first step towards tackling it.