Though it amazes many in the security field, the classic ‘Nigerian’ scams remain lucrative for criminals as economic strain compels otherwise careful consumers to grasp at straws – and fall for scams that they would otherwise dismiss.
In this example, the recipient is asked by no less than a ‘bank director’ to ‘legally’ help move funds from South Korea to the US. Beyond the obvious fact that legitimate fund transfers are not conducted in this fashion, and anyone agreeing to assist in this way would obviously be breaking the law, this email reeks of fraud.
NOTE: A look to the Future
Further complicating the fraud landscape, much of Africa will switch from it’s current dial-up access to broadband next June (2010). This represents an important improvement for the continent’s Internet users, but it also represents an unparalleled opportunity for scammers who have been severely constrained by access limitations. We anticipate the current volume of exploitive emails to be dwarfed as the increased bandwidth allows spam distribution to reach unprecedented new levels.
Those who have not yet honed their spam scam spotting skills by next June are in for a world of hurt. Prepare yourself, and then help others.
Test Your Skills
You should be able to find at least ten red flags that tell you this e-mail is fraudulent. Click on the picture below to see the answers, but try to find them yourself, first. If you find ten, you’re a pro with little to worry about. If you find fewer than ten, consider practicing on some more of our spam scam examples.
Here are the red flags that show this is a scam:
- The email service is @fastmail.it. When you haven’t heard of the email service it’s time to check it out. A quick search online shows it is associated with fraud “trustworthiness, vendor reliability and privacy of this site is unsatisfactory”.
- A quick search on Peter Lee at the Hang Seng bank brings back multiple results all indicating “Peter Lee” is fraudulent.
- The email is not addressed to you, though ‘Peter’ claims you were specifically selected.
- The grammar and spelling is full of errors, which presumably you are will chalk up to his being a foreigner. More importantly, the email frames the situation as if the scammer is taking a chance on you. If you can be lured into thinking you’re the risk and that you have to convince the scammer that you’re trustworthy, then maybe you won’t consider that the real risk is in trusting the scammer.
- Though the Hang Seng bank does exist, directors aren’t going to reach out to a stranger in the US to conduct illegal transactions – if a bank director was going to conduct an illegal transaction, he’d know how to do so with a trusted accomplice and a better method.
- There is a continued stress on the ‘legality’ of this transaction, but a moment’s reflection should be enough for anyone to know this isn’t how business is done.
- The email is urgent. Scammers always want you to act before thinking.
- Now comes the meat of the scam, you are to give your information so you can be groomed directly, in these cases you will always have to put money into an account to show your ‘good faith’ – and that money will quickly disappear.
- Like flag # 4, the scammer want’s it to appear as if he – not you – is taking the risk here. He goes as far as to say he’s putting his career and the life of his family at risk, then further baits the hook by tempting you with his statement of ‘nothing ventured, nothing gained’.
- He wants you to respond to his private email account (exactly what are you to think the @fastmail.it account is?). There is no Pt. Lee at the Hang Seng bank.
Financial distress or plain old greed represents the primary hook in this scam. Now that you know, pay it forward.