I work in IT in New Zealand. My boss is from ex-military foreign unit, of about 600 sailors. They regularly meet. They also socialize on Facebook.

To join their Facebook group, you needed to be vetted, providing information like your commander's name, ship, military ID, rank, ...

Anyhow one of his buddies contacted him on instant messaging, and they talked for several weeks.

His buddy said he was in some kind of trouble and needed a loan. He originally asked for $35,000, but my boss agreed to some small amount.

(My boss is a little hazy on the following details) His buddy first asked for bit-coins, but that didn't happen. His buddy then asked for a transfer, which didn't happen.

Finally his buddy asked my boss to login remotely to his PC, then login into via the remote PC to my bosses bank account and arrange a small transfer.

Anyhow I'm sure you've guessed what followed. Shortly after my bosses bank account was wiped clean entirely, of $11,000. The con artist used a Chinese bank to receive the money.

In hindsight, the con artist had successfully cloned a Facebook account, and got accepted into a small private group.

The con faked military knowledge, and local knowledge of where the ship was stationed. It's extremely likely spoke two languages (a third if you count Chinese).

My boss swears it couldn't have been one of his ex-military foreign buddies. That he would trust any of his foreign military buddies with his life.

It's easy to blame the victim, "he should have known better", but it's easy to be too trusting.

He's at least told all his other buddies, so they won't be conned also, instead of hiding his mistake.

He has talked to his bank's anti-fraud unit

He and his buddies have threatened to kill the con artist if identified, and I believe him.