- June 14, 2018
- Posted by: Kerry Tomlinson, Archer News
- Category: Archer News, Cyber Crime, Hacking, Posts with image
You won’t even know they’re here.
The new generation of Nigeria scammers finds a way into your life without giving you clues that something’s amiss.
The FBI says officers made sweeping arrests of more than seventy suspected scammers around the world.
We’ll show you how this scam evolved from letters sent by Nigerian princes to multimillion-dollar secret e-mail operations.
Archer News flew from Portland, Oregon to Lisbon, Portugal to see the changing face of fraud.
In Portugal, violent crime is trending down.
But other kinds of crime are going up.
Online, you’re more likely to fall victim to a crook as cyber crime rises.
Safety experts have warned people in Portugal about emails like this one.
“I wish to inform you that this letter is not a hoax mail,” the message reads. “In my department, we discovered an abandoned sum of 250 million USA dollars.”
“Unfortunately, it belongs to a customer who died with his entire family in a plane crash,” the letter continues.
It’s the old Nigeria scam.
You probably wouldn’t fall for it, sending your bank account details to Nigeria.
And the new generation of scammers knows that.
So, they changed their strategy — and their location.
Excerpt from a Nigeria scam e-mail. Image credit: Archer News
New Strategy, New Location
Police say one Nigeria scam gang took up roost in Lisbon, sending emails to Spain, France, Germany and the Netherlands.
Agents arrested one of the masterminds in Lisbon in March.
Another group funneled Nigeria scammers to Germany, paying Portuguese women to wed them in sham marriages there, then return to Portugal.
And now this latest wave of arrests shows Nigeria-style scammers all over the world.
Law enforcement made 74 arrests of people allegedly running Nigeria schemes, not just in Nigeria, but in Mauritius, Poland, Canada and the U.S.
They seized about $2.4 million and recovered about $14 million from scam wire transfers, according to a release.
The FBI said the 42 arrests in the U.S. included suspects in Florida, Texas, Ohio and Connecticut.
Some Nigeria scammers show their spoils on social media. Image credit: Palo Alto Networks Unit 42
But they’re not sending the traditional Nigerian prince letters of yesteryear.
Now, they trick and hack their way into people’s email accounts and lurk, waiting for the moment when you or your company is going to make a payment.
They send you a doctored email with a new address or bank account number for the money.
None the wiser, you make your payment — to the wrong people.
The FBI calls it business e-mail compromise, or BEC.
In one case, a Dallas suspect posed as a home seller and tricked the real estate closing attorney into sending $246,000 to the wrong account.
In another case, the suspects tricked a Seattle corporation out of $1.4 million.
Home buyers and sellers have lost large amounts of money in the real estate version of this scam.
The crooks still use some of their old-school trickery.
The FBI says scammers will try to romance people into laundering their money for them.
This e-mail exchange between a Nigeria scam artist and Archer News Network’s Kerry Tomlinson serves as an example.
Romancing the Scam
“It’s a pleasure to write you,” the scammer starts out, writing to a list of undisclosed recipients. “Hope we can be friends.”
Kerry poses as a Portland businessman looking for someone to date.
The scammer says she is a refugee in a camp in Senegal.
Her father left her $6.5 million, but she can’t access the money because’s she’s in the camp.
She wants help — by having the Portland businessman put it in his account. He’ll get 20% for his troubles.
“I am believing that this will be the beginning of a lasting relationship between us,” she says. “Kiss with love. Yours, Melissa.”
The scammer sent this picture, claiming to be a young woman in a refugee camp. Picture cropped to protect the actual subject. Image credit: Archer News
The “businessman” confesses he’s gone to prison for embezzlement and is thinking of taking all of Melissa’s money, too.
“I also stole money from my mother’s accounts while she was sick in hospital,” he adds. “I have been convicted several times and have a long criminal record.”
No problem, she insists, she trusts him.
How far will she go? To the absurd.
He even tells her has a pet that is half-duck, half-beaver and he collects Q-tips for fun.
No problem for Melissa — she says she’s honored to have him for a partner in the money transfer.
The businessman never sends his bank details as requested, but if he had, he could have become one of the money mules who help scammers process their stolen cash.
The “businessman” tells the scammer that he has a half-duck, half-beaver pet and makes costumes for his pet out of ear swabs. Image credit: Archer News.
You may still get letters promising millions.
But chances are the scammers are waiting for you to hand them your email account through a fake password reset e-mail, or maybe by clicking on a link in a phishing message.
You can help stop them:
- Check your email account to see if someone’s forwarding your messages somewhere else.
- Keep watch for suspicious emails coming in.
- When it comes to payments, call to verify, and don’t use the number in the e-mail.
Better to call than to lose money — sometimes millions — to the new generation of scammers.
More help for businesses from the FBI:
- Create intrusion detection system rules that flag e-mails with extensions that are similar to company e-mail. For example, legitimate e-mail of abc_company.com would flag fraudulent e-mail of abc-company.com.
- Create an e-mail rule to flag e-mail communications where the “reply” e-mail address is different from the “from” e-mail address shown.
- Color code virtual correspondence so e-mails from employee/internal accounts are one color and e-mails from non-employee/external accounts are another.
Main image: Image from a Nigeria scammer’s social media post. Image credit: Palo Alto Networks Unit 42