Non-electronic scams are still a threat

A lot of the articles I write concern scams and fraud that in some way depend on electronic communications (email or websites) to function. Nigerian 419 scammers have probably saved thousands of dollars on postage since the widespread adoption of email.

However, not all scams occur online.

Just this week, I heard about two separate cases locally. One was an elderly person who let two men who claimed to be from the power company enter his home. They quickly found a large stash of cash in the victim’s bedroom.

There was also the case of a person just out of high school who got a letter in the mail tell him he’d won the lottery. He ended up wiring just under $2,900 to a criminal overseas.

The home entry scam almost always targets elderly victims who live alone. If this sounds like your relative, neighbor or friend, you need to warn them about this type of robbery. Make sure they know never to let anyone in without seeing identification and confirming the visit with the power company (or whoever claims to be visiting). Also, encourage them to keep their money somewhere other than inside their house. I know there’s been a recession lately, but 1929 was a very long time ago, and we have FDIC and NCUA insurance in case of a major meltdown. Perhaps we should ask this most recent victim which turned out to be safer: keeping his money in a financial institution or in his house.

A lottery scam is a lottery scam, and it doesn’t matter if the message is in your inbox or on paper. I think a lot of people know about the email version of the Nigerian 419 scam, but when it shows up on paper, they let their guard down. It’s sort of the opposite of 15 years ago, when everybody immediately trusted everything that showed up in an email.

I wish there was a statistic on email vs. paper Nigerian 419 scam success rates. I’d be willing to bet the paper version actually snags more victims. Just remember that it doesn’t matter what form it takes, it’s always fraud.

Ridiculous Spam Friday VII: The New Blood.

Yes, I’m repurposing titles from the Friday the 13th film franchise for these, in case you were wondering.

First contestant:

From: Laboratorio de Genetica Molecular <geneticamolecular@hc.ufu.br>
Date: Tuesday, April 06, 2010 6:06 AM
To: undisclosed-recipients:
Subject: Matter That Needs Your Attention!!!

Good day,

This is a personal email directed to you for your consideration alone, I request that it remain and be treated as such only. Please bear with me for now and do not ask my name. I am a banker with HSBC here in Malaysia

I have an interesting business proposal for you that will be of immense benefit to both of us. Although this may be hard for you to believe, we stand to gain 7.2 million USD between us in a matter of days. Please grant me the benefit of doubt and hear me out. I need you to signify your interest by replying to this email..

Most importantly, I will need you to promise to keep whatever you learn from me between us even if you decide not to go along with me. I will make more details available to you on receipt of a positive response from you.

When I first saw “Laboratorio de Genetica Molecular” I thought it said “Banco del Mutuo Soccorso” and thought, “Cool! I got an email from the best Italian progressive rock band ever (with the possible exception of Goblin)!”

Then I read it again.

Notice the request for secrecy in the last paragraph. That’s a classic ploy; “don’t tell anyone about this, because they might tell you it’s a scam.”

But what I’m really in love with is the line, “Please, bear with me for now and do not ask my name.” What are you, the Man From U.N.C.L.E.? Nothing says “trust me” like “I’m not telling you my name.”

By the way, if this guy is from Malaysia, why is his email address from Brazil (.br)? File this one under “advance fee fraud.”

Second contestant:

From: Apple AppStore <up-to-date@store.apple.com>
Date: Friday, April 09, 2010 4:45 PM
To: [correct address]
Subject: 883.19284 Apple App-Store Confirm Order

Apple Store
Call 1-800-MY-APPLE

—————————————————–
ID:65-582602
Order Status

You can also contact Apple Store Customer Service or visit online for more information.
—————————————————–

Visit the Apple Online Store to purchase Apple hardware, software, and third-party accessories.
Copyright 2010 Apple Inc. All rights reserved.

I don’t think it’s actually called the “AppStore,” is it?

The words “Order Status” linked to http://dcgames.com.br/bucknell.html. I’m pretty sure a real email from Apple would like to—oh, I don’t know…maybe APPLE? Once again, that “.br” domain name comes into play. The plot thickens. I’m not 100% sure what the “payload” of this spam is, but I’m guessing it’s a malware site.

Final contestant:

From: WESTER UNION <westernmoney1@w.cn>
Date: Tuesday, March 30, 2010 6:45 AM
To: none
Subject: CUSTOMER

Dear Western Union Customer,

You have been awarded with the sum of $50,000 USD by our office, as one of our customers who use Western Union in their daily business transaction.

This award has been selected through the internet, where your e-mail address indicated and notified. Please provide MR.stephen pagerwith the following listed below so that your fund will be remited to you

through Western Union.

1. Name:______
2. Address________
3. Country:_______
4. Phone Number____
5. Occupation:________
6. Sex:_________________
7. Age___________________

Mr.STEPHEN PAGER
Tel: +234 8021-468-331
E-mail:westernmoney1@w.cn

As soon as these details are received and verified, your fund will be transferred to you. Thank you, for using western union.

Le sigh. Really?

What I absolutely love about this message is the lines after “Name” and the other information. Like you’re going to print this out and fill in the blanks in pen and then…well, I’m not sure. Phone it in? Email a piece of paper?

Let’s get this straight: Western Union does not just give money to random people, whether they use the service regularly or not. I have never used Western Union at all, nor have I used “WESTER UNION,” whatever that is.

Also, I’m pretty sure Western Union isn’t based in China (.cn), and I bet you can’t guess what country that phone number is from.

It’s Nigeria.

That makes this message the setup for a Nigerian 419 scam.

What is a Nigerian 419 scam?

In the world of fraud prevention, you’ll see the term “Nigerian 419 Scam” come up quite a lot. But what is it?

Simply put, a Nigerian 419 scam (or just “Nigerian scam”) is a type of advance fee fraud; the victim sends or wires money to the scammer in hopes of receiving a large payout. Naturally, this payout never comes.

In the early days of the scheme (1980s), crooks used postal mail and fax to try and hook people, but email is the preferred medium today—you can send millions of messages at the same time, for free.

Here’s the hook: the con artist claims to be a relative of a deposed dictator, an African prince living in exile, a government employee, banker, or similar. In every case, they claim to know of a large sum of money, either their own or someone else’s, but need your assistance in obtaining it. In return for your help, they will give you a percentage of the fortune, usually to the tune of several million dollars.

The victim will be asked to help by sending money, either to bribe a bank official or to set up a bank account (they are given the impression that they must keep a certain amount of money in a Nigerian bank in order to get a piece of the fortune). Once the victim starts sending money, the con artists will claim to experience various delays and the need for more cash, in hopes of further stealing from the victim.

At some point, the victim either realizes they’ve been had, or the crooks move on to new victims. There have been cases of victims being kidnapped, robbed and murdered, as well.

It sounds so obvious when you deconstruct it, but the simple fact is that an awful lot of people still fall for this scheme. Crooks don’t keep hammering away at scams that don’t work.

There are a thousand different signs to watch out for, like messages sent from free web-based email addresses or persons asking you to wire money via Western Union or Moneygram, but I think we can narrow it down to just this one point: never send money in an attempt to get money (or gold, diamonds, or anything else).

For one thing, how many Nigerian princes do you think there are in the world? How did this prince, banker, government official or whatever, just happen to pick you, out of over six billion other people on Earth? How do you know you’re dealing with a real person at all?

More to the point, why in the world would you even attempt to get your hands on a pile of stolen or embezzled cash? Think about that—stealing is stealing, no matter what country it originated in. Even if it all turned out to be true, how do you think you’re going to explain $2,500,000 to the IRS? They’re going to ask. You know they will.

Of course, that won’t happen, because it never turns out to be true. Stop asking yourself, “But what if it is?” right now. It’s not. In the history of the entire universe, there has never been a single case of this deal being legitimate.

By the way, why is it called a “Nigerian 419 scam” in the first place?

Well, these things originated in Nigeria in the 1980s, when their economy was circling the drain in a major way (they’ve never really recovered). Many of these scams still come from Nigeria, and there may be actual Nigerian government officials involved in some of these schemes, which can be run by single people acting alone, or by powerful organized crime syndicates. “419” is an article of the Nigerian Criminal Code that deals with fraud.

 HPHKR5STV262