The Chinese tradition of red envelopes involves gifting money in red paper envelopes to friends and relatives around holidays, such as the Lunar New Year in late winter.
This custom has been around for centuries, but more recently Chinese tech companies have developed their own wildly popular digital versions of the red envelope tradition. Many Chinese social media and consumer apps have come out with their own versions of red envelope gifts, giveaways, and games that allow users to send money to their loved ones electronically, as well as earn free money by entering giveaways or playing different mini-games.
With the growing popularity of these digital gifts, giveaways, and games, Chinese-speaking cybercriminals have in turn developed a myriad of different scams, fraud, malware, and money laundering schemes all centered around digital red envelopes.
Message from a red envelope scam channel on Telegram wishing everyone a Happy Lunar New Year.
What are digital red envelopes?
Hóngbāo (红包) or “Lucky Money” envelopes are a centuries-old Sinosphere tradition of gifting money in red paper envelopes, usually between friends and family to celebrate holiday traditions, birthdays, festivals, weddings, and other occasions. The envelopes are red, which is considered the luckiest color in Chinese culture, and they are often decorated in gold, which symbolizes wealth. To make them even luckier, red envelope gifters might give money in “lucky number” amounts of yuan like 888, 666, or 1314.
In 2014, WeChat developed a digital version of these red envelopes for gifting money. It was immediately popular, and 8 million users were incentivized to link their debit card information to their WeChat accounts. Since then, the other major Chinese consumer tech applications (like QQ, Alipay, and Baidu) have also followed the trend. These hóngbāo functions are usually integrated with users’ digital payment accounts within these apps, so when someone opens an envelope, the money is instantaneously transferred into their WeChat Pay or Alipay account. Billions of dollars are exchanged every year using digital red envelope features.
In the decade since WeChat launched this feature, it has exploded in popularity, both for small gifts between users and for giveaways and mini-lotteries from corporations or government organizations. For example, in 2020, China’s central bank issued 10 million yuan ($2 million) of digital currency to 50,000 randomly selected citizens as part of a launch for their new digital yuan payment system. Each winner received a red envelope gift with 200 digital yuan which could be redeemed by downloading the Digital RMB app.
To up the ante and make gifting digital red envelopes more exciting, different iterations of the feature have added elements of gamification, for example:
- WeChat group chat red envelopes: WeChat’s red envelope feature can be used to directly gift currency to friends and relatives, but when sending hóngbāo to group chats, users have the option of selecting any number of red envelopes to send and any amounts (or randomized amounts) in each envelope. That way, all of the other members of the group chat have to tap quickly in order to ‘grab’ or ‘rob’ the best envelopes before they run out.
- “Pokemon Go” red envelopes: Inspired by the success of the augmented reality (AR) game Pokemon Go, Alipay launched an AR red envelope game where users could hide virtual red envelopes in different locations and send their friends or followers clues for where to find them in real life.
- CCTV Tie-Ins: Chinese social media companies also sponsor the “branded red-packet battle” for the official Spring Festival Gala coverage on the state-owned television channel CCTV. During this broadcast, whichever social media company sponsors the battle that year has interactive mini-games which require users to complete different actions during the broadcast to win money.
A GIF of someone aggressively clicking their phone to ‘rob’ red envelopes. GIF is from a news story that was posted to QQ.
How are criminals and fraudsters taking advantage of the digital red envelope trend?
The ubiquity of these digital hóngbāo gifts, giveaways, and games has conditioned people in China, as well as people engaged in the Chinese app ecosystem, to expect lots of legitimate free monetary gifts, especially during the Spring Festival. Often people also have to act quickly and complete small tasks in order to earn and redeem this free money. Essentially, this has conditioned many users to drop their guard and react quickly when someone offers them free money in the context of digital hóngbāo, making it an extremely fruitful pretext for fraudsters and scammers to take advantage of people.
There are a number of popular red envelope-themed scams and schemes, including phishing, gambling scams, malicious grabber software, and money laundering operations.
Hóngbāo-themed phishing
Phishers often use the promise of fake red envelope gifts as a phishing lure, either to steal information or to entice users to install malware. Generally, red envelope-themed phishing is pretty straightforward: it uses the sense of urgency that is created by red envelope “grabbing” games on various apps, as well as the promise of money, to get people to click quickly and input their information without thinking. Clicking on a malicious URL might lead to malware installation, or it might prompt users to input digital account or banking information in order to “claim their prize.”
A screenshot of a phishing page from a news video about malicious red envelopes on Weibo.
Red envelope gambling games
Gambling is illegal in China, but there are still widespread digital gambling offerings operated by Chinese criminals, many of which are operated outside of the Chinese internet (for example, on the Telegram messaging app). One widespread gambling scam involves a hóngbāo-themed “minesweeper game” where users buy into the game for a set amount (usually paid in the Tether cryptocurrency) and use the buy-in money to “buy” a red envelope for the round. When the round closes, the player(s) who picked the unlucky numbered envelope (or “stepped on a mine” in minesweeper parlance) have to send a larger amount of money back to the game owner to keep playing.
When players attempt to cash out their winnings, game owners often string them along with “transfer errors” and other fabricated issues to avoid paying out any money. Sometimes, game owners will even require victims to recruit new players to the game, promising them a payout once they have coerced others into buying into the scheme, but generally this is also a trap, and anyone claiming to have won money from one of these games is likely a shill that is operating in collusion with the game owner, or in Mandarin, “twoh” (雇来的“托”).
Screenshots of red envelope gambling game messages on Chinese Telegram channels.
Malicious red envelope grabber software
In response to the popularity of red envelope “grabbing” in WeChat group chats and other apps like QQ, some people developed mobile applications to cheat. Red envelope grabbing software is essentially a third-party application that runs on your mobile device and can interface with your social media applications to “grab” the red envelopes in all of your group chats before your friends have a chance to “rob” them.
Tencent, the company that owns WeChat, has actually sued some of the developers of these grabber tools for “unfair competition.” As a result, most of these applications are unavailable through official app stores and require users to side-load the grabber apps.
Generally, these third-party grabber applications function by taking advantage of accessibility services on mobile phones in order to take control of the phone and simulate human clicking. However, giving an app the permissions it needs to read and control other applications also gives that app free rein to do basically anything on your phone, which makes these apps inherently dangerous. Often, these red envelope grabber apps are actually mobile malware in disguise. Some function as advertised while also stealing data in the background, while others go so far as to hijack the digital payments and redirect them to accounts owned by the app creator.
A screenshot of malicious code with excessive permissions from a red envelope grabber software.
Money laundering with red envelopes
Criminals also enlist mules to help them launder money through small red envelope gifts. In many instances, the mules are witting, earning small commissions through their “part-time job running points.” To earn a commission, the mules will purchase small-value red envelopes through their personal accounts in an agreed-upon amount and send them to the operator of the “running points” scheme. Then, they will receive a red envelope worth a slightly higher value in return which includes their small commission.
Often these money laundering operations take advantage of the “password red envelope” functionality on some apps like Alipay, WeChat, and QQ. With password red envelopes, instead of directly sending money to another account, the hóngbāo sender creates a digital red envelope with money inside and sets a password. The recipient then redeems that red envelope by going to the app and entering the secret password or scanning a QR code.
The operators of these schemes can also screw over the mules by allowing them to earn commissions on increasingly large transactions and then ghosting them after they’ve sent a particularly large payment.
Screenshots of Telegram messages explaining money laundering operations.
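For platform or bank fraud teams, the “running points” pattern described above (a small send followed by a slightly larger return from the same counterparty) can be expressed as a detection heuristic. This is an added example, not part of the original article; the ledger format, account names, time window, commission ceiling, and repeat threshold are all assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed sample ledger: (minute, sender, receiver, amount in yuan).
SAMPLE_TRANSFERS = [
    (0,   "mule_a", "op_1",   100.00),
    (6,   "op_1",   "mule_a", 102.00),   # returned with a small commission
    (30,  "mule_b", "op_1",   200.00),
    (41,  "op_1",   "mule_b", 204.00),
    (60,  "mule_a", "op_1",   500.00),
    (75,  "op_1",   "mule_a", 510.00),
    (90,  "alice",  "bob",     88.00),   # ordinary gift, nothing returned
    (120, "carol",  "dave",    50.00),
    (125, "dave",   "carol",   50.00),   # friends swapping equal gifts
    (200, "mule_b", "op_1",  5000.00),   # large payment that is never returned
]

def find_round_trips(transfers, window=60, max_commission=0.05):
    """Pair each send with a later, slightly larger return from the receiver."""
    transfers = sorted(transfers)
    used, trips = set(), []
    for i, (t0, src, dst, amt) in enumerate(transfers):
        for j in range(i + 1, len(transfers)):
            t1, s1, d1, back = transfers[j]
            if t1 - t0 > window:
                break  # sorted by time, so no later return can qualify
            if j in used or (s1, d1) != (dst, src):
                continue
            if amt < back <= amt * (1 + max_commission):
                used.add(j)
                trips.append({"mule": src, "operator": dst, "sent": amt,
                              "returned": back, "commission": round(back - amt, 2)})
                break
    return trips

def suspected_operators(transfers, min_trips=3, **kw):
    """Accounts that repeatedly return slightly more than they received."""
    counts = defaultdict(int)
    for trip in find_round_trips(transfers, **kw):
        counts[trip["operator"]] += 1
    return {op: n for op, n in counts.items() if n >= min_trips}

if __name__ == "__main__":
    print(suspected_operators(SAMPLE_TRANSFERS))
```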
Key takeaways - stay vigilant!
About a decade ago, WeChat brought the centuries-old Chinese tradition of red envelope gifts (Hóngbāo) into the digital age. Now, most of the major Chinese social media platforms have their own red envelope services and games.
Cybercriminals and scammers have taken advantage of these digital red envelope services and games to trick victims into giving away their personal information, falling prey to scams, and downloading malware.
This Lunar New Year, make sure to stay vigilant and don’t fall for any red envelope-themed scams, schemes, or tricks!