Fraud Prevention Templates: Nigeria.

Before I get to today’s fraud prevention rule-of-thumb, I want to make it clear that I am in no way disparaging the people or the culture of Nigeria.

I mean, King Sunny Adé and Ebenezer Obey come from Nigeria, and their music totally owns.

However, it’s also a fact that a certain type of scam originated in Nigeria, and is even named after a section of their criminal code (the illustrious Nigerian 419 Scam). So here’s our rule:

If you get an email or a letter that has anything at all to do with Nigeria and money, it is fraudulent.

This includes phone numbers, websites and email addresses, too; if the message includes a really long phone number that starts with the International Dialing Code “234” or a web/email address ending in “.ng,” it’s a scam.

Of course, since almost all of these scams involve strangers offering you large sums of money, if you’ve already read certain other Fraud Prevention Template articles, you won’t even need to know what country code top-level domain Nigerian URLs have.

Naturally, there are plenty of 419 scams that don’t involve Nigeria at all. This is just one quick litmus test.

Ridiculous Spam Friday VII: The New Blood.

Yes, I’m repurposing titles from the Friday the 13th film franchise for these, in case you were wondering.

First contestant:

From: Laboratorio de Genetica Molecular <geneticamolecular@hc.ufu.br>
Date: Tuesday, April 06, 2010 6:06 AM
To: undisclosed-recipients:
Subject: Matter That Needs Your Attention!!!

Good day,

This is a personal email directed to you for your consideration alone, I request that it remain and be treated as such only. Please bear with me for now and do not ask my name. I am a banker with HSBC here in Malaysia

I have an interesting business proposal for you that will be of immense benefit to both of us. Although this may be hard for you to believe, we stand to gain 7.2 million USD between us in a matter of days. Please grant me the benefit of doubt and hear me out. I need you to signify your interest by replying to this email..

Most importantly, I will need you to promise to keep whatever you learn from me between us even if you decide not to go along with me. I will make more details available to you on receipt of a positive response from you.

When I first saw “Laboratorio de Genetica Molecular” I thought it said “Banco del Mutuo Soccorso” and thought, “Cool! I got an email from the best Italian progressive rock band ever (with the possible exception of Goblin)!”

Then I read it again.

Notice the request for secrecy in the last paragraph. That’s a classic ploy; “don’t tell anyone about this, because they might tell you it’s a scam.”

But what I’m really in love with is the line, “Please, bear with me for now and do not ask my name.” What are you, the Man From U.N.C.L.E.? Nothing says “trust me” like “I’m not telling you my name.”

By the way, if this guy is from Malaysia, why is his email address from Brazil (.br)? File this one under “advance fee fraud.”

Second contestant:

From: Apple AppStore <up-to-date@store.apple.com>
Date: Friday, April 09, 2010 4:45 PM
To: [correct address]
Subject: 883.19284 Apple App-Store Confirm Order

Apple Store
Call 1-800-MY-APPLE

—————————————————–
ID:65-582602
Order Status

You can also contact Apple Store Customer Service or visit online for more information.
—————————————————–

Visit the Apple Online Store to purchase Apple hardware, software, and third-party accessories.
Copyright 2010 Apple Inc. All rights reserved.

I don’t think it’s actually called the “AppStore,” is it?

The words “Order Status” linked to http://dcgames.com.br/bucknell.html. I’m pretty sure a real email from Apple would like to—oh, I don’t know…maybe APPLE? Once again, that “.br” domain name comes into play. The plot thickens. I’m not 100% sure what the “payload” of this spam is, but I’m guessing it’s a malware site.

Final contestant:

From: WESTER UNION <westernmoney1@w.cn>
Date: Tuesday, March 30, 2010 6:45 AM
To: none
Subject: CUSTOMER

Dear Western Union Customer,

You have been awarded with the sum of $50,000 USD by our office, as one of our customers who use Western Union in their daily business transaction.

This award has been selected through the internet, where your e-mail address indicated and notified. Please provide MR.stephen pagerwith the following listed below so that your fund will be remited to you

through Western Union.

1. Name:______
2. Address________
3. Country:_______
4. Phone Number____
5. Occupation:________
6. Sex:_________________
7. Age___________________

Mr.STEPHEN PAGER
Tel: +234 8021-468-331
E-mail:westernmoney1@w.cn

As soon as these details are received and verified, your fund will be transferred to you. Thank you, for using western union.

Le sigh. Really?

What I absolutely love about this message is the lines after “Name” and the other information. Like you’re going to print this out and fill in the blanks in pen and then…well, I’m not sure. Phone it in? Email a piece of paper?

Let’s get this straight: Western Union does not just give money to random people, whether they use the service regularly or not. I have never used Western Union at all, nor have I used “WESTER UNION,” whatever that is.

Also, I’m pretty sure Western Union isn’t based in China (.cn), and I bet you can’t guess what country that phone number is from.

It’s Nigeria.

That makes this message the setup for a Nigerian 419 scam.

What is a Nigerian 419 scam?

In the world of fraud prevention, you’ll see the term “Nigerian 419 Scam” come up quite a lot. But what is it?

Simply put, a Nigerian 419 scam (or just “Nigerian scam”) is a type of advance fee fraud; the victim sends or wires money to the scammer in hopes of receiving a large payout. Naturally, this payout never comes.

In the early days of the scheme (1980s), crooks used postal mail and fax to try and hook people, but email is the preferred medium today—you can send millions of messages at the same time, for free.

Here’s the hook: the con artist claims to be a relative of a deposed dictator, an African prince living in exile, a government employee, banker, or similar. In every case, they claim to know of a large sum of money, either their own or someone else’s, but need your assistance in obtaining it. In return for your help, they will give you a percentage of the fortune, usually to the tune of several million dollars.

The victim will be asked to help by sending money, either to bribe a bank official or to set up a bank account (they are given the impression that they must keep a certain amount of money in a Nigerian bank in order to get a piece of the fortune). Once the victim starts sending money, the con artists will claim to experience various delays and the need for more cash, in hopes of further stealing from the victim.

At some point, the victim either realizes they’ve been had, or the crooks move on to new victims. There have been cases of victims being kidnapped, robbed and murdered, as well.

It sounds so obvious when you deconstruct it, but the simple fact is that an awful lot of people still fall for this scheme. Crooks don’t keep hammering away at scams that don’t work.

There are a thousand different signs to watch out for, like messages sent from free web-based email addresses or persons asking you to wire money via Western Union or Moneygram, but I think we can narrow it down to just this one point: never send money in an attempt to get money (or gold, diamonds, or anything else).

For one thing, how many Nigerian princes do you think there are in the world? How did this prince, banker, government official or whatever, just happen to pick you, out of over six billion other people on Earth? How do you know you’re dealing with a real person at all?

More to the point, why in the world would you even attempt to get your hands on a pile of stolen or embezzled cash? Think about that—stealing is stealing, no matter what country it originated in. Even if it all turned out to be true, how do you think you’re going to explain $2,500,000 to the IRS? They’re going to ask. You know they will.

Of course, that won’t happen, because it never turns out to be true. Stop asking yourself, “But what if it is?” right now. It’s not. In the history of the entire universe, there has never been a single case of this deal being legitimate.

By the way, why is it called a “Nigerian 419 scam” in the first place?

Well, these things originated in Nigeria in the 1980s, when their economy was circling the drain in a major way (they’ve never really recovered). Many of these scams still come from Nigeria, and there may be actual Nigerian government officials involved in some of these schemes, which can be run by single people acting alone, or by powerful organized crime syndicates. “419” is an article of the Nigerian Criminal Code that deals with fraud.

 HPHKR5STV262