Social engineering didn't hack Joe's computer, it got him kidnapped. :[
Every day we see several friends being hacked or just media posts about how someone tricked a victim through a legitimately looking call into downloading a backdoor and completely took over their computer.
When it's "just" about a hacked computer or emptied bank account, victims learn a tough lesson and move on. But nobody talks about social engineering that leads to kidnapping, torture, or death.
We want to share one such true story. This has never been publicized.
Our team talked to a victim of a kidnapping for crypto who wanted to do a P2P trade. Let's call him Joe. A young European living somewhere in Central America. Won't share more details.
Joe's first contact with his future kidnappers was through telegram. Text and voice messages convinced Joe to go ahead with the opportunity.
The attackers first sent a person that Joe didn't feel good about: his voice was different from the one in the TG messages. He called the trade off. Well done, so far...
However, the gang was determined. They adjusted their strategy after realizing they needed to send someone more trustworthy.
The second potential trade peer pretended to be a novice to bitcoin. A normal looking middle-aged man. He met Joe at a bar. They talked for hours, and Joe genuinely started to like him. They parted ways with a loose plan to meet again "soon" and make the deal.
The next day, Joe's peer called. The trade had to happen today and it had to be at his family house. The urgency was sudden, but Joe didn't hesitate. He liked the guy, he trusted him so he jumped in his car and headed out.
Who wouldn't trust someone they'd already shared a drink with? Who wouldn't trust a family man? Right?
Upon arrival, Joe realized this was no house, but an apartment building. He thought it was the language barrier. When he was let into the apartment, he was greeted by his peer and invited into a bedroom. So far all good.
But soon after, Joe was surrounded by armed men, beaten, choked, and forced to transfer his crypto, which, unfortunately, was easily accessible from his phone.
After several hours, they changed his clothes and masked him so that he could be transferred out of the apartment complex without facility cameras making a recording. In his own car, they drove him far out into the middle of nowhere, stopped in a poor neighborhood in a dark alley, and stepped out of the car.
At that moment, Joe thought: That's it. I'm a dead man. He closed his eyes and waited, shaking. He was so scared that he sat there inside his car for a while. How long he doesn't remember well. He didn't dare look around. When finally he realized they were gone without killing him, he abandoned the car because they took his keys, his wallets and his phone. He started walking to look for help.
Despite being careful, there we several red flags he ignored. Now Joe knows. But he will be recovering - financially, mentally and emotionally for a while.
We hope this story can help you spot social engineering and avoid becoming yet another case in Gart's kidnapping stats page.
If you're not sure how to avoid falling into a trap, whether in face to face or remote social engineering, invest one day of your life to get a prep with a professional.
We mostly do private sessions which offer ideal amount of privacy and focus on the specific life situation. But those might not be accessible to everyone. So we do Open Group Gart Training - there's a few in our calendar for 2026 already. The closest will be 2 days ahead of BTC Prague. Sign up here:
https://gart.io/event/gart-training-btc-prague-2026-3/registerIf you're not able to travel, you can as well book a remote advisory call via our website, just browse through it and you'll find what you need.
