Nigerian Email Scammers Are More Effective Than Ever (wired.com) 129
You would think that after decades of analyzing and fighting email spam, there'd be a fix by now for the internet's oldest hustle -- the Nigerian Prince scam. But the problem, a new report suggests, has only grown to become more widespread and sophisticated. From the report: There's generally more awareness that a West African noble demanding $1,000 in order to send you millions is a scam, but the underlying logic of these "pay a little, get a lot" schemes, also known as 419 fraud, still ensnares a ton of people. In fact, groups of fraudsters in Nigeria continue to make millions off of these classic cons. And they haven't just refined the techniques and expanded their targets -- they've gained minor celebrity status for doing it.
On Thursday, the security firm Crowdstrike published detailed findings on Nigerian confraternities, cultish gangs that engage in various criminal activities and have steadily evolved email fraud into a reliable cash cow. The groups, like the notorious Black Axe syndicate, have mastered the creation of compelling and credible-looking fraud emails. Crowdstrike notes that the groups aren't very regimented or technically sophisticated, but flexibility and camaraderie still allow them to develop powerful scams.
On Thursday, the security firm Crowdstrike published detailed findings on Nigerian confraternities, cultish gangs that engage in various criminal activities and have steadily evolved email fraud into a reliable cash cow. The groups, like the notorious Black Axe syndicate, have mastered the creation of compelling and credible-looking fraud emails. Crowdstrike notes that the groups aren't very regimented or technically sophisticated, but flexibility and camaraderie still allow them to develop powerful scams.
It is a form of taxation. (Score:5, Insightful)
Well, by this point, after decades of reports on it, I wouldn't call it "fraud" exactly, more like some sort of tax... Idiot tax? Greed tax? Take your pick.
Re: (Score:3)
Re: (Score:1)
How exactly is the parent poster wrong? People spend millions every year on lotto tickets because they don't understand the most basic of financial calculations. The expected value of a risky asset, like a lottery ticket, is [(Present value of payout x Odds of payout) - Cost]. If that is negative, it's a bad deal, and like most forms of gambling lotto tickets are almost always negative, and therefore a poor investment. Still, so people hold on to the 'can't win if you don't play' mindset, and all but a
Re: (Score:3)
If a return was the only point of gambling, you'd be correct.
However, people pay for the thrill of gambling.
You lose money if you go on a rollercoaster ride too, but still some people do it, for the thrill. Others find it a waste of money, but who are they to judge how others choose to spend theirs?
Re: (Score:1)
There is a huge difference between people who play lottery thinking that they are going to win and it's going to fix their lives and those who play it just for fun.
Re: (Score:2)
Re: (Score:3)
Just for fun? Throwing money away willfully, is fun? BS. They think that they may reasonably win. They have no clue that their chances are negligible.
You don't seem to know much about human nature. Most people buying lottery tickets are fully aware than their chance of winning is negligible. They don't do it to "win".
When there is an office lottery pool, I will chip in and participate just because it is the social thing to do.
Re: (Score:2)
It's not that one may think they may reasonably win as much as they think that the chance of winning is still not zero.
They may realize their chances are negligible, but play anyways because they figure that the cost of buying the number of tiickets that they do is not any more significant to them.
Re: (Score:2)
You must be fun at a party:
You know what, I play the lottery. Two dollars every time it gets high. My odds of winning? Effectively zero. But you know what, that two bucks gives me a little bit of mental gymnastics to play with on what I might do if I won. Which I know I won't.
Do I buy ten, twenty, fifty? No. I buy one.
Re: (Score:1)
Guess you missed the post about people who buy thrills with roller-coasters rather than lottery tickets. Or maybe you just didn't understand it.
Either way, I'm not going to explain it.
Re: (Score:3)
While you are not entirely wrong, that is the position of someone who is financially OK.
If you are poor, with poor prospects, then the negative amount is the cost of buying a chance of getting out of the mess.
If you buy a lottery ticket for $1, then the impact on your life of losing that $1 is not great. You probably spend a lot of other dollars on uselessnes
Re: (Score:2)
Why spend a dollar on a *remote* chance that it might result in improvement when that dollar can still do some actual good now?
And I'm speaking as one whose life did actually suck (at least relative to what I could see around me) for a good portion of his adult life. Back then, while the money that I could have spent on lottery tickets wouldn't have actually hurt that much to lose,
Re: (Score:2)
if you win big, the rest of your life does not suck.
This is incorrect. For most lottery winners, their life temporarily sucks less, but they soon fall back below even their pre-win level of suckage. They usually squander their winnings, but often take on debt that they can't afford once the money is gone.
Re:It is a form of taxation. (Score:4, Informative)
Scams like those might be prevented with proper security and procedures, but they are way outside the realm of simple idiocy.
Billing scam, not Nigerian scam at all (Score:2)
What is described here is an invoice scam (or "billing scam").
https://www.scamwatch.gov.au/types-of-scams/buying-or-selling/false-billing
https://www.actionfraud.police.uk/fraud-az-invoice-scams
https://www.ag.state.mn.us/consumer/Publications/FakeInvoices.asp
https://www.consumer.ftc.gov/blog/2018/02/phishers-send-fake-invoices
Re:It is a form of taxation. (Score:5, Funny)
If you have access to someone's inbox and a rough idea about the company's inner workings, it's not at all hard to impersonate that person convincingly.
Dearest Robert M. Jones in Engineering,
We are Sally from Accounting! It is with great mercy and humble that we hereby implore for the urgent help with a great matter. It is our uncle the dearest Reverend Robert Snabo from Customer Support who did thereby become gravely ill with the gall cancer, and we must remit a sum of $1,000,000 for his immediate curation. Due to the terrible situation here in Accounting, we would pleased to send you a cheque for the sum of $1,050,000, with the balance $50,000 Yours to keep if you will help us here in Accounting by cashing this cheque and forwarding the remainder sum of $1,000,000 to our agent who will henceby contact You.
We in Accounting are deeply religious and we know that You are an honourable person humble with God and that you may will help the dearest Reverend Robert Snabo of Customer Support with his cancer treatments.
Dearest blessings upon your family and may the Creator be with us in our time of great need, here in Accounting.
Yours in deepest condolence, Sally Jessica Green, Accounting.
Re: (Score:2)
Yep, that's Sally.
Re: (Score:2)
Re:It is a form of taxation. (Score:5, Funny)
The biggest problem for me is, I am an actual Nigerian Prince and I want to transfer several million out of the country, but I can't find anyone to take it because of all these fraudsters. All I want is for someone to send me $1000, and I'll send them 100 million of which they can keep 10%. But nobody believes me thanks to these crooks. Any tips?
Re:It is a form of taxation. (Score:5, Funny)
Yea, send me the 100 Million as an electronic money transfer to the brokerage account I just opened for you, keeping $2000 in cash for yourself...To make the accounting easy, I've left it with a zero balance for now. I suggest you not use Western Union, but approach the bank where your money is on deposit, I'm sure if you really have that much on deposit, they can easily direct you into the proper way to do this, just show up in person. No, I won't take a check, not even a cashiers check, only electronic money transfers.
THEN, after I pay all the income taxes required by my country which takes at least a year, you are welcome to 90% of what's left.... Just show up at my door and provide proof that it's you. My address? Why yes, it's 1600 Pennsylvania Ave NW, Washington, DC 20500, come armed and tell the guards you won't take no as an answer and you don't need an appointment, they will take care of you.
Re: (Score:3)
God I wish hadn't spent all my mod points. That was good.
Re: (Score:2)
Maybe you should look into Bitcoin.
Re: (Score:2)
If you go that direction, my vote would be for the P.T. Barnum tax.
Actually, no... (Score:2)
RTFA. This is not the old "I be having footlocker full of money I'll send you, merely needing $USD1000 shipping and customs" scam.
This is (if you're the controller of company.com)
If you're not paying very close attention, cornpany.com looks very much like company.com.
This is absolu
Re: (Score:2)
Yeah, no.
PO number and invoice number, please, boss. And I've checked the system and there are no outstanding invoices from [companyname].
Has to go out today? To an account we don't have in our system? How come?
All you need are some very basic processes to keep this from working.
Re: (Score:3)
Yeah, no.
PO number and invoice number, please, boss. And I've checked the system and there are no outstanding invoices from [companyname].
If you read the article, you'll see that one of their techniques is to watch your inbox for a legitimate invoice, then change the payment information on that invoice to their bank.
So, yes, there will be a PO number and an invoice number.
Re: (Score:2)
Yeah, no.
PO number and invoice number, please, boss. And I've checked the system and there are no outstanding invoices from [companyname].
If you read the article, you'll see that one of their techniques is to watch your inbox for a legitimate invoice, then change the payment information on that invoice to their bank.
So, yes, there will be a PO number and an invoice number.
Who sends a check these days or makes payments to a payee account number that isn't on their on-line payments list?
One would think there be a reasonable process for vetting new account numbers for existing payees to their on-line payment list. It used to take an act of god to add/edit a new payee account in most accounts payable departments of medium sized companies (because of people using this path to embezzle money from companies), but I suppose many companies these days don't even have accounts payable
Re: (Score:3)
True. Proper procedures will prevent most of this kind of thing. But in too many companies, urgent email from the CEO gets less scrutiny that it ought to. The scammer is addressing the target by name. Often, the first email is just a "Hey, Bob, are you in the office right now?" ping.
The nastier ones are the ones like XXongo referred to, where they watch your inbox, or have infected your PC with malware that echoes all your mail to them. (I've seen both.) They just wait until there's a conversation ab
Re: (Score:2)
> That lends credence to the theory that the fractured English of the classic "Nigerian Prince scam" was deliberate, to filter out the less gullible.
Agreed. I think that about half a decade of that would have filtered out the poor English and obvious scammy nature of that stuff if it wasn't actually the correct way for them to filter out non-rubes quickly. Because of the nature of email (reasonably anonymous, inability to view who others have emailed, inability to contact other potential dupes- none o
Re: (Score:2)
Re:It is a form of taxation. (Score:5, Interesting)
Fool and his money....
I worked at a place as email admin. a few years ago. I pulled a email out of the spam pile for a user. It was a exchange between them and a Nigerian scammer. The user was a old guy in his 80's and had sending money to these scammers for years, and still expecting to get millions some time down the road.
The CEO told me to dig in to his account and found out how much he had sent. Turns out he had sent them his grand kids college money, mortgaged his house, his wife had divorced him, and his whole life was basically be soaked up by this scam.
I was ordered to block all contact with him and he scammer, which I happily did. Some higher ups got involved. The old fool got his lawyer involved and in the end I was instructed to unblock his account and let him go on his merry way.
Re: (Score:2)
Re: (Score:3)
While doing that same email gig I got a email from some Nigerian scammer about the millions that awaited me if I would just help a fellow out. I responded that I was the grand negas and how dare he waste my time with his pathetic scam. As punishment I had used my awesome magical powers to succor his soul. Unless he showed up at my door with the "funds" his email promised me in hand I would be forced to sell his soul to a demon to recoup my costs.
While I never expected a reply or anything to come of t
Re: (Score:2)
Re: (Score:3)
I could see that as a problem.....
Re: (Score:2)
Wrong header (Score:2)
It should read: Ever more stupid and greedy people online.
Re: (Score:3)
Wrong header
It should read: Ever more stupid and greedy people online.
Paying well-forged invoices is neither stupid nor greedy.
419 Scam? Isn't that what.... (Score:1)
The Clinton foundation was doing? Send us money now, for a big pay off once I'm in office!
Re: (Score:2)
> Isn't that what.... the Clinton foundation was doing? Send us money now, for a big pay off once I'm in office!
Not really, I'm pretty sure the Clintons would have paid their debts to their friends and financiers if they had won, and everyone funneling money to a political family or candidate understands that there is a substantial risk of failure in a democracy. It's probably why the money needed to pay off Democrats and Republicans is so small, especially considering how mighty the USG actually is, co
Re: (Score:2)
The Clinton foundation was doing? Send us money now, for a big pay off once I'm in office!
No, that would have been a sound investment.
The actual scam from 2016 was: Send us money now, and we'll "drain the swamp"!
Forget the prince... (Score:5, Interesting)
Re: (Score:2)
A friend fell hard for an American nurse he meet over the Internet who works for a hospital in Nigeria. This "relationship" went on for a whole year. When he lost his job and started having financial difficulties, I found out about his Internet girlfriend and started asking his questions. It was too late. He wired his entire savings of $5K on the promise that he would get back his money plus $10K to "hold" for her until she got back to the US. When the check didn't show up, the amount that he would hold gradually increased to $20K. He got mad when I told him he got scammed by a Nigarian confidence scammer. The only proof that he has that this "woman" exist are pictures and texts. No video, no audio. A year later he is still waiting for his check, still thinks he has a girlfriend and believes that she is the victim of the Nigerian government because the president is too ill to sign anyone's paycheck.
Question 1 to self, is it too good to be true? Question 2 to self, are you willing to do anything to make it true. If either or both answers are yes... well unfortunately too many people that answer yes don't really care to move onto the realization that unless you are born to wealth or something, good things come from equally hard work and some things you can't have no matter how hard you work.
Re:Forget the prince... (Score:5, Insightful)
The only proof that he has that this "woman" exist are pictures and texts. No video, no audio. A year later he is still waiting for his check, still thinks he has a girlfriend and believes that she is the victim of the Nigerian government because the president is too ill to sign anyone's paycheck.
Hey, almost half the world think there's a God because there's a 2000/1400 year old book about it. They don't even get pictures...
Re: (Score:3)
Hey, almost half the world think there's a God because there's a 2000/1400 year old book about it. They don't even get pictures...
You can get them with pictures these days!
Plus, the stand-in pictures were "stained glass windows" in churches for centuries because the average person couldn't read the bible anyway.
Re: (Score:3)
Re: Forget the prince... (Score:1)
The existence of life (or even the universe itself) is the only testament you need to be sure God exists. There is absolutely zero chance that life formed anywhere in the universe without intelligent intervention.
Amino acids can form spontaneously under the right conditions. The probability of those amino acids randomly assembling into a simple useful protein, given all the time since the big bang, is less likely than picking one marked atom from all the atoms in the universe. The chance that sufficient use
Re: (Score:2)
It's funny, you talk about science and observation but
Re: (Score:1)
Location confusion (Score:1)
There is probably lots of confusion between someone claiming to be from Nigeria versus scams actually happening in Nigeria, and vice versa. If I were a Nigerian scammer I would not claim to be in Nigeria because of the country's spamming stigma. For anything mailed, I'd get a buddy in another country to help.
Re: (Score:3)
Re: (Score:1)
Hey, Nigerian nurses are hot; I can understand the draw.
Local gals ain't cheap either. The President can vouch for that.
mastered... (Score:2)
...mastered the creation of compelling and credible-looking fraud emails.
Really? Because I've never seen one that couldn't immediately be pegged as a 419 scam. The stilted and over formal English is one clue, the almost constant use of a first name for both first and last names ("Dr Thomas James") and the use of impressive titles for people who are in a mundane job (Rev Dr [guy who distributes checks]) are indications.
And, of course, the need for a small payment, regardless of how large and official the o
Re: (Score:2)
$50 for the courier if they're sending you a check for $27,500,000 US dollars ONLY*. // this offer is legal and entirely legitimate
I'm convinced! Where do I send the check?!
The Success of the Nigerian Scam (Score:2)
Re:The Success of the Nigerian Scam (Score:5, Interesting)
There is an old con artist trick that easily predates the Internet. Someone approaches you with a "winning" lotto ticket. They say they can't claim the prize themselves because they owe the government money. If you'd pay their fines they could claim the prize and they are willing to offer you a substantial share in return.
This is retold in various ways, like they have a winning stub for a race horse. But the winnings are too large to pay in cash and the race track requires a wire transfer. But the con will ask for some money to open a bank account. Then this can easily go to where he convinces you that the winnings should go into your bank account, but he says he doesn't want to get ripped off so maybe you should pay him some of it first just prove that you're honest. Like maybe $200. (or whatever is the typical maximum you can pull from an ATM at once)
That people can do this anonymously and over the internet makes it far more scaleable of a con. But it's a very old con. The Internet just makes everything BETTER.
Re: (Score:3)
con is of course short for confidence...
There will always people trying to gain your confidence [wikipedia.org]...
Re: (Score:2)
Things haven't changed much. If you search ancient papyri, I bet there's one from a Hittite prince kidnapped by Mittanian pirates who beseeches help from a kind Egyptian noble such as you who could help pay the ransom and then be handsomely rewarded -- just use this new money transfer service those Phoenician devils invented.
Re: (Score:2)
These scams don't primarily target the desperate, but the greedy.
Some people are both, but rich greedy folks fall for scams all the time.
FBI should start sending out ... (Score:4, Interesting)
Re: (Score:2)
The FBI should start sending out fake Nigerian spam, then sending anyone who responds an automated warning that "if this were a real scam, you'd be broke soon." Call it a mass education campaign.
Bah, the FBI, always trying to keep me from my rightful millions!
They wouldn't understand (Score:2)
Re: (Score:2)
So the money spent on fighting confidence scams should instead be spent on curing dementia? I'm cool with that.
Now on Facebook too! (Score:2)
Just today I got a messenger request from someone in Nigeria. I looked at their profile, and they had all sorts of checkins at glorious sounding hotels and places with the word 'palace' in them. I just marked them as spam, but I'm sure if I let them talk to me, the scam would have started immediately.
The adage still holds (Score:1)
A fool and his money are soon parted
Re: (Score:1)
They do. Ghana has actually mixed online scamming with witchcraft, they call it Sakawa.
Re: (Score:2)
Surely other countries have spammers too?
Only the first level of scammer is typically in Nigeria. They are the ones who mass send out the e-mails and harvest e-mails from online mailing lists, etc. Once they catch a potential target they pass the account off to someone typically who has a little better English, and frequently living in Europe. They work in teams (if you pay attention, you can catch their e-mail address changing sometime- this is when you're getting passed off to one of the better informed scammers).
There was a big hub of activ
Re: (Score:2)
Sadly, multi-level marketing and lead trafficking is an un-stopable business endeavor...
Even for semi-legit organizations, say if you donate money to some non-profit. Non-profits often outsource fundraising. If you decide to donate to one non-profit, the fund raising company might actually sell the fact that you donated up the food chain to another larger organization so they can attempt to solicit money from you. This information is a called a "lead" and there are whole businesses built upon selling lea
How does this work? (Score:2)
Because there are many people who are more greedy than smart.
Human nature (Score:4, Insightful)
Re: (Score:2)
What did the foo fighters ever do to you?
or are you talking about the Fantastic Four?
Re: Human nature (Score:2)
Re: (Score:2)
More blue hairs, bud (Score:1)
You know what they say? (Score:2)
not sure if it's nigerian (Score:1)
recently I received
"Hello!
Do not consider on my illiteracy, I am foreign.We uploaded mine malicious program onto your OS.After that I stole all privy information from your system. Furthermore I had some more compromising.The most entertaining evidence which I thieftend- its a videotape with your self-abusing.I installed virus on a porn site and after you installed it. When you chose the video and pressed play button, my deleterious soft immediately downloaded on your system.
After loading, your web camera ma
Re: (Score:2)
This is an old problem of the modern era (Score:1)
So... about 13 people then (Score:2)
also known as 419 fraud, still ensnares a ton of people
So... about 13 people then.
Follow the yellow brick road... (Score:1)
Only problem is that, it's green ($$$) and muddy (like their heads). People are getting more greedy and stupid to boot.
Good news (Score:4, Funny)
If an actual Nigerian prince ever gets into a pickle and needs some assistance from strangers, it's good to know that the general public hasn't yet become too jaded to help, and he still has some hope.
Hmm... (Score:2)
I get these a lot (Score:2)
I've had the same email address since the early nineties, back when we didn't see the harm in having our email addresses in plaintext on Usenet (boy does that sound dumb now) and even despite spam filters I have to wade through junk mail on a daily basis.
Every so often I browse through the email caught by my spam filter, on the off chance that I am missing something important. (I have a photography business and get job offers through email.) The Nigerian Prince, God Fearing Mom, Crooked General, Post Offi
Michael Gary Scott (Score:2)
Nigirian Scams bah - charities are the worst (Score:2)
My 87 year old mother keeps sending "Legitimate" Charities more money than she can really afford after they send her sob story emails. Because she has a record of supporting them in the past they won't let go. I'll never support a mainstream charity with an email operation again.
Re: (Score:2)
I used to collect these scam emails ... (Score:2)
I used to collect these scam emails [baheyeldin.com] on my web site.
Every week or two, I will get an email asking if such and such email is true, or asking to verify a winning ticket, or contacting the Sultan of Brunei [baheyeldin.com] for charity or a project, ...etc..
The sad thing is that while some of these emails are from the USA and other developed countries, the vast majority are from desperate people in poor countries. Some of them already paid the scammers and believe the documents provided by them, such as lawyer and bank certifica
ML/AI (Score:1)
Are they using ML/AI technologies to identify their victims?
Re: (Score:2)
I actually laughed out loud when I read
groups of fraudsters in Nigeria continue to make millions off of these classic cons.
because it's too adorable that whoever wrote that thinks you actually have to be in Nigeria to pull off the Nigerian prince scam...