Tuesday, May 06, 2008

Love hurts

A heart-wrenching story from New Zealand shows the human impact of a 419/advance fee fraud involving a dating site, a fraudster and a naive individual.

Some if not most of the people who use online dating sites deliberately expose vulnerable parts of their personas as part of the deal. It's an inevitable part of the process of falling in love. But, as in Real Life, there are some who exploit such vulnerabilities to take advantage of the situation.

A woman who initially claimed to be in South Africa struck up an online relationship with a kiwi man. Things developed, as they do, with the couple swapping little love notes online and through text messages. Flattered at the attention and besotted with the woman, the man agreed to send NZ$2k "towards her air fare", sending it to Kuala Lumpur where she was (allegedly) staying. It was OK, she assured him, because she was due US$30k from a company her father had worked for, but he and his wife had been "killed in a car accident". The requests continued and so did his generosity, sending thousands more by Western Union for taxes, expenses and air fares to Pretoria and Ghana, mostly on his Mastercard.

The woman even wrote to his mother, saying "I love him and I will get the money to him". All lies of course, but it's easy for me to say that. I'm a cynic who has seen thousands of 419ers before. For those caught up in the drama, it's not nearly so obvious. "It was all believable" said his mum, but when he was already $10k down, the bank stopped his card and when he asked her for more money, mum said "Err, this sounds like a scam. I'm not happy about that. It just sounds ... like ... bullshit." But still she lent him the money "because that's what mothers do."

After the total crept up to around NZ$20k, the penny finally dropped when he noticed that the cellphone bill recorded calls to Ghana not South Africa. "They weren't just alarm bells. They were great big gongs!"

The passport copy she had sent him was a fake and her claimed address didn't exist, according to Google (naturally). Her 'friend' via whom he had been sending money turned out to be a known scammer using different aliases. "I thought oh-oh, I've been scammed! I've been conned ... I'm stupid. Gullible ... 10% of me, even now, thinks she still might be genuine." And that, of course, is how the scam works.

Monday, May 05, 2008

Errors in financial accounts

A study reported in CFO Magazine identifies 'internal errors' (mistakes by employees) as the biggest cause of financial restatements, responsible for 56%. Next biggest was 'regulatory demands' at 38%. [Deliberate] 'manipulation' and 'complexity' accounted for just 3% each.

Wednesday, April 30, 2008

Computer-aided retail fraud

A 46-page academic paper by Richard Thompson Ainsworth of Boston University School of Law describes "zappers" - programs designed to divert some sales transactions from the normal sales processing and accounting systems. Fraudsters with sufficient access to an organization's sales systems (e.g. small business owners) sometimes use zappers either to misappropriate the entire sales income for the diverted sales (steal the entire value from the company - the sales don't go through the books) or to manipulate the value (for example to steal the VAT/GST/sales tax content).

So-called "zap" and "super-zap" programs have existed for decades in the mainframe world. They allow intervention on databases, overriding normal access constraints to manipulate the data, and potentially programs, directly. They are supposed to be used only under carefully controlled emergency conditions, for instance to modify or delete a rogue data record that is somehow blocking an entire batch from processing. Most competent sysprogs (systems programmers) or systems administrators have the knowledge and capability to run zap programs and can potentially meddle with the systems in a virtually unstoppable and undetectable manner, if they are careful anyway: well-written programs have built-in integrity checks and other controls that at least identify and flag direct interventions. Unfortunately, if the sysprogs also have the capability to suspend or edit the audit trails, or substitute hacked programs, or subvert the operating system calls, or ... or ... all bets are off. Remember this possibility if you ever hear a sysprog for a financial institution bragging about the speed of his new Ferrari.

Going back to sales zappers, the article points out differences in the ways such frauds are detected in the UK and EU. In the States, it seems the evidence suggests that income tax investigations "often" (or rather occasionally!) catch zapper users, while in the EU they are more likely to be caught by sales tax investigations. This begs the question: why not do both? And while you're at it, why not take a close look at those "shrinkage" stock losses - the ones that conceal employee as well as customer thefts of goods?

Tuesday, April 29, 2008

New awareness module on trust, integrity & fraud


Trust is an important concept in security but few awareness programs give it the coverage it deserves. This month’s NoticeBored module brings together trust, integrity and fraud in an IT context, and touches on closely related concepts such as honesty, governance and whistleblowing.

Identity thefts, 419 scams, deliberate sabotage and fraud by trusted insiders (such as the recent incident at Société Générale Bank) and numerous other information security incidents provide no shortage of topical content for our 60th module.

We’ve all had our share of disappointments and incidents in life due to misplaced trust in someone or something. Such painful experiences are all part of the rich experiential lessons from life’s School of Hard Knocks. With hindsight, things would have been different, we hope. On the upside of risk, we are sometimes pleasantly surprised when people and systems deliver on their promises, or even better exceed expectations. Such is the way in which trust is built up.

Trust comes in two flavors: blind faith means we ‘just trust’ something or someone with no rational basis beyond our belief system. In most cases, however, trust must be earned, in other words a level of trust is established gradually over a period of successful interaction and performance. By the same token, trust can be damaged or destroyed by negative events – when a person, organization or system “lets us down”, we are naturally more dubious about it the next time.

There can be immense personal satisfaction in being trusted and respected by someone else. Computer systems and other inanimate objects may not have feelings but those that prove their worth accrue value above those that are unreliable in practice. How would you feel about, say, a heart monitor that sporadically shut down or gave nonsensical readings? Do you dread getting into an elevator that sometimes jerks or stops between floors? That subconscious sense of unease tinged with fear is the result of not being able to trust something.

Technological controls alone are seldom adequate to reduce the risks, placing emphasis on human controls through training and education, policies and procedures, and various forms of management supervision (including, by the way, the IT audits we covered last month).

In relation to information, specifically, trust brings up related subjects such as integrity and fraud. The NoticeBored awareness materials explore these concepts through presentations, briefing/discussion papers, case studies and more. We’re delivering a bundle of 30 different types of awareness material (see below), too much for all but our largest customers to use perhaps but that’s not the intention. Customers are encouraged (through the ‘awareness activities’ paper provided) to review the materials and pick out the pieces that are most appropriate for them, given their circumstances and the maturity of their awareness programs.
Content of the module

May’s NoticeBored security awareness module is out now. If you're not already a NoticeBored customer, see what you're missing on the NoticeBored website.

Wednesday, March 05, 2008

Fraud Awareness Week

Government departments in Australia and New Zealand, in collaboration with some local banks and other firms, have launched Fraud Awareness Week 2008 with a website offering two quality posters (one two), a plain leaflet and a tri-fold leaflet.

Their simple message is "Fight the scammers. Don't respond."

The after-the-early-evening-news current affairs program on NZ TV has run stories on a similar theme this week.

The main website address is supposed to be www.SCAMwatch.govt.nz although this currently redirects to www.consumeraffairs.govt.nz/scamwatch/fraud-awareness/FAW2008.html which is ironic really, since misleading links and browser tricks are often part of the scammer's toolbox.

Wednesday, January 23, 2008

Social engineering for $$$$$$

Following an entry on the excellent Realtime Community Compliance Blog (hi Rebecca! Nice one!), I've been reading about social engineering attacks on US Credit Unions. The Credit Union Times reported that social engineers have successfully bypassed inadequate user authentication methods to authorize fraudulent transfers of large credit balances to other banks and, presumably, quickly moved on through unwitting money mules to lovely untraceable folding munny.

The Credit Unions appear to be using telephone call-backs as part of the authentication but those naughty scammers have allegedly discovered how to get the phone companies to redirect phones and thus spoof the phone numbers. They are also able to answer the pretty lame authentication questions typical of single-factor authentication schemes (you know - "What is your secret password? What is your mother's maiden name? What is your inside leg measurement?" - that kind of thing) evidently, perhaps through insider access to the Credit Union's systems, through phishing or spyware on the customers' systems (probably introduced using more social engineering techniques), or else by directly socially engineering the genuine customers into revealing the very same secrets. Now that's one excellent reason to be extremely dubious when out of the blue you get a call "from your bank, just needing to check a few things, but first we need you to authenticate. What is your secret password? What is your mother's maiden name? What is your inside leg measurement? ...".

In the past, I have personally been on the receiving end of what were probably legitimate but unsolicited calls from my bank, yet the bankers invariably went all defensive or indignant when I insisted that THEY authenticate themselves to ME before I would authenticate myself to THEM. The irony of it was absolutely lost on them. "We're your bank: trust us" was basically their best 'response', lame though it is. Some of them get quite obnoxious but the harder they insist, the wider my smile. It's fun in fact and a good wind-up for other unsolicited sales callers too. Anyway I digress.

It's not too hard to think of simple methods by which the bank could authenticate to its customers, like for example asking the caller to reveal certain letters from your password or confirm the amount of a specific transaction from your latest statement, but all such simple schemes are vulnerable to replay attacks. It's exactly the same problem that the bank has, but vice versa.

I'm sorely tempted to take in to my bank branch my own one-time-password bingo card just like the ones that various cheapskate banks are using to implement the el cheapo form of two factor authentication, cheaply, insisting that they read out and scratch off the next number whenever we speak. You can be sure that the bingo codes will be horrendously complex 'cos I know about entropy. You can be equally sure that the bank won't fall for it.

Of course all of this bank-authenticates-to-customer stuff is highly inconvenient for the bank, so we're left with "Trust us. We're your bank! No really! We are! We are we are we are! We are so your bank ...".
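To make the replay point concrete, here is an added Python example (not part of the original post) contrasting a static "reveal some letters of the secret" check with a scratch-off card of one-time codes. The class names, the sample secret and the card size are all assumptions made for illustration.

```python
import hmac
import math
import secrets

# Added example. 32 symbols: look-alikes such as 0/O and 1/I are left out.
ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"


def code_entropy_bits(length, alphabet=ALPHABET):
    """Entropy of one uniformly random code, in bits."""
    return length * math.log2(len(alphabet))


def make_card(n_codes=20, length=8):
    """Generate a card of unique random codes from the OS CSPRNG."""
    codes = []
    while len(codes) < n_codes:
        code = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if code not in codes:
            codes.append(code)
    return codes


class StaticSecretCheck:
    """The 'simple method': the caller reveals chosen letters of a fixed secret."""

    def __init__(self, secret):
        self._secret = secret

    def verify(self, positions, letters):
        if any(p < 0 or p >= len(self._secret) for p in positions):
            return False
        expected = "".join(self._secret[p] for p in positions)
        return hmac.compare_digest(expected.encode(), letters.encode())


class CardVerifier:
    """Customer's copy of the card: accepts only the next unused code, once."""

    MAX_FAILURES = 3  # consecutive wrong codes before the card is locked

    def __init__(self, card):
        self._card = list(card)
        self._next = 0
        self._failures = 0

    @property
    def locked(self):
        return self._failures >= self.MAX_FAILURES or self._next >= len(self._card)

    def verify(self, spoken):
        if self.locked:
            return False
        expected = self._card[self._next].encode()
        supplied = spoken.strip().upper().encode()
        if hmac.compare_digest(expected, supplied):
            self._next += 1        # "scratch off" the code just used
            self._failures = 0
            return True
        self._failures += 1        # a wrong guess does not consume the code
        return False


def replay_demo():
    """Replay one overheard answer against each scheme."""
    static = StaticSecretCheck("correcthorse")      # constructed sample secret
    overheard_static = ((0, 3, 7), "crh")           # letters 1, 4 and 8
    static_results = [static.verify(*overheard_static) for _ in range(2)]

    card = make_card(n_codes=5)
    bank_copy, customer = list(card), CardVerifier(card)
    overheard_code = bank_copy[0]
    card_results = [customer.verify(overheard_code),
                    customer.verify(overheard_code)]  # second use is a replay
    next_ok = customer.verify(bank_copy[1])           # genuine caller moves on
    return {"static": static_results, "card": card_results, "next_code": next_ok}


if __name__ == "__main__":
    print("bits per code:", code_entropy_bits(8))
    print(replay_demo())
```

The static answer is accepted every time it is repeated, while the card code works exactly once; three consecutive wrong codes lock the card so the codes cannot be guessed at leisure.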

CUNA Mutual advised credit unions to "establish a password system" (single factor authentication - surely they have this already, no?) and "have a written agreement with the member for the use of these passwords" (to limit their liabilities, of course - again, don't they do this by default?). They said "If there is any doubt as to authenticity of the funds transfer request, credit unions are reminded they do not have to perform a wire transfer." (no, really? Golly!). Other advice included "Limit the amount of wire transfer that can be completed by a call center employee. Managers should approve all wire-transfer requests." (divisions of responsibility are good but do not address the basic problem of authenticating transfer requests), "Record conversations during the call-back and compare it to previously recorded conversations [and] listen to the caller. Does he or she have an accent that is inconsistent to your membership?" (that's an interesting idea but a rather weak and awkward control), "Perform an additional verification to the member’s work and/or cellular telephone number." (another weak control, but at least they are thinking along the right lines), and finally "send an e-mail to the member at home and/or work" (presumably confirming the transaction - a useful post-hoc activity that would make a stronger control if the transaction were put on hold pending final confirmation by digitally-signed email).

Come along CUNA Mutual: US banks are grudgingly implementing two factor authentication that European and other banks have used for years. Anyone who lags the field is a sitting duck.

Do I look that stupid?

Look what just plopped into my inbox ...

Subject: Capital Investment and Management Request

Dear Friend,

I am a freelance, independent investment broker based here in Britain.

My client wishes to invest a part of his financial estate into productive ventures in your country under your direct supervision.

He looks to make this investment discreetly under discretionary asset Management arrangement, in the areas of agriculture, real estate, transport, oil and gas and other viable venture(s) which you might recommend. I have contacted you on the consideration that I could discuss with you on the possibility of my client placing this fund with you for management either in your existing establishment or other venture to be undertaken at your discretion under terms to be agreed upon. He Prefers that this investment be made in your country.

I would be expecting your response in order that we may discuss further in detail.

Please write through my email address so that we may work out modalities.

Yours faithfully,

Mr. William Smith


"Mr. William Smith" is clearly a pseudonym: no-one loves that word "modalities" quite as much as those kinky West African 419ers. What is it with "modalities"? Is it one of the standard English words taught in West African high schools? Or is it just a meme? I'll have to ask my Nigerian colleagues ...

Meanwhile, I reported the email to abuse@google.com with the original header and got a useful auto-reply:
Hello,

Thank you for your report. Your email has been provided to the Gmail Abuse team.

To help us process your request as quickly as possible, we recommend visiting the Gmail Privacy & Security topic at
https://mail.google.com/support/bin/topic.py?topic=12784

WHAT HAPPENS WHEN YOU REPORT ABUSE?

Your email has been provided to the Gmail Abuse team. Any additional information that you provide through the forms in the Gmail Security Center will be added to your original message, and will help us to more efficiently process your request.

Google takes abuse situations very seriously -- your claim will be given the highest priority. When submitting a claim through our Security Center, please include as much information as possible, so that the Gmail Abuse team can investigate thoroughly and work quickly to resolve your claim. As appropriate, we may warn users or discontinue Gmail service for the account(s) in question. For privacy and security reasons, we may not reveal the final outcome of an abuse case to the person who reported it.

To read the Gmail Terms of Use, please visit http://mail.google.com/gmail/help/terms_of_use.html.

If your issue is not related to abuse, you may want to visit our Help Center at http://mail.google.com/support/, or by clicking 'Help' at the top of any Gmail page within your account.

We appreciate the urgent nature of your message, and thank you for your cooperation.

Sincerely,

The Google Team

Tuesday, October 09, 2007

Attn: beneficairy!

Another vaguely amusing 419 email arrived in my bulging inbox last night. I won't bore you with all the details about the large unclaimed inheritance awaiting my instructions as a "beneficairy", but the following paragraph made me smile:
"You may have also been directed to visit different cities and countries with the instruction that your fund would be released at such payment post or that your fund could be delivered to you at your residence. All these are cooked up Stories from impostors who wish to extort money from you while they do not have any knowledge of the true position of your fund transfer."

So, impostors are cooking up Stories, eh? Would you believe it!

Friday, October 05, 2007

Nigerian scammers head for the slammer

A major police operation has blown open a Nigerian 419 scam ring and seized thousands of fake cheques, passports and other collateral worth ~US$16m.

"The month-long investigation into the fraud uncovered more than 4,500 forged and fraudulent documents. UK officials are working with agencies in the US, Holland, Spain and Canada to tackle "mass marketing fraud". A handful of people have been arrested in the UK with almost 70 more held overseas."

As usual, the scammers have been exploiting naive victims using social engineering techniques, sometimes using dating websites (where people seem naturally more vulnerable to being spun a lie).

6th October update: Reuters reports:
"An international crackdown on Internet financial scams this year has yielded more than $2.1 billion in seized fake checks and 77 arrests in the Netherlands, Nigeria and Canada, U.S. and other authorities said on Wednesday."

The seized assets appear to have swollen from $16m to $2.1bn in a few days, an alarming rate of inflation.

Tuesday, September 18, 2007

eCriminals teaming up for more chaos

Symantec has disclosed some data supporting the widely-held belief that electronic crime is on the up, with eCriminals teaming-up to leverage their skills and information.

"More worryingly, said Mr Beer, were signs that different sections of the underground economy were starting to collaborate to improve their chances of catching people out. Hi-tech criminals with information culled from job sites, online games or social networking sites were teaming up with phishing gangs and spammers, said Mr Beer. The end result was well-crafted e-mail campaigns that gained a gloss of credibility by combining several different bits of data."


Narrowly targeted phishing emails ("spear phishing") use information that the victims believe 'must be legitimate' to fool them into opening infected attachments, visiting phishing/infected websites etc.

Email users must:

1) Avoid opening executable email attachments that turn up unexpectedly, even those that appear to come from a legitimate source such as someone they know (if they intend to open executable attachments, users should first phone the sender to confirm what was sent);

2) Avoid following URLs provided in emails, and watch out for URLs ;

3) Make sure their antivirus software is maintained constantly up-to-date;

4) Not fiddle with the security configuration of antivirus, personal firewall, email, browser and other software;

5) Take regular off-line backups of all important data, making sure that the data are correctly stored and can in fact be retrieved if (when!) needed;

6) Run anti-phishing utilities such as phisher site warning add-ons for browsers;

7) Most of all, remain alert to email security threats. Be EXTREMELY wary of providing any personal data (names, addresses, passwords, PIN codes, credit card numbers etc.) to a website or form provided by email. Corporate email users should report suspicious events to their IT Help/Service Desk or information security function the sooner the better - it may not be too late to prevent further damage.

Tuesday, August 14, 2007

Businessman scammed for AU$1.7m

An Australian businessman chasing an AU$100m deal with some Nigerian businessmen has lost AU$1.7m in what sounds like a classic 419 advance fee fraud.

"[T]he scam started a year ago in Japan before spreading to other countries, and then ended in Amsterdam where he came for an appointment with his alleged business partners. After advancing large sums of money, supposedly for such things as notary fees, the Australian man finally started getting the idea that he was being ripped off, police said. He alerted Dutch police who were then able to arrest the three suspected swindlers in an Amsterdam hotel where they had arranged to meet the Australian with a suitcase full of money claiming it would soon be his."


Being a businessman, I guess he assessed the potential reward and decided that a 1.7% advance was worth the risk, but no more.

Thursday, July 19, 2007

"The most inept 419er" competition entry

Here's the latest entry in our previously-unpublicised competition to find the world's most inept 419 scammer, direct from our inbox:

[Name of lure here]

Good day dear clients,
We are sorry to inform that the fraudulents with the accounts of our bank have recently increased. That is why our bank changes the security system, which will provide maximum security to our clients if the accounts are used by frauds. You will receive a special program to your e-mail this week, as well as the instruction how to use it. With its help you will have an opportunity to make payments. Without this program no one will be able to transfer money from your account. If you lose the program, you will have to pay $4,99 and we will send you the copy of it. To confirm the registration of this anti-fraud program visit this web-site and complete the necessary forms: [Displayed URL here] [Different actual URL here]

Sincerely,
Bank Administration


We haven't decided on the prize yet. What would you suggest?

Friday, June 15, 2007

What the white hats are up against

In its usual tongue-in-cheek fashion, The Register describes the Black Hat world through ten features:
1. The Black Hats form a well integrated community that shares knowledge effectively
2. Becoming a Black Hat is a career option even for those who are not super geeks.
3. There are even specialist virus tools designed to circumvent specific AV products.
4. There are SDKs for the more advanced hackers.
5. There's a market for your data.
6. There are botnets to rent.
7. Some rogue websites are very subtly managed.
8. Good hackers know how to stay safe (they stay abroad)
9. The banking system has its channels
10. Not all businessmen are entirely averse to the odd hack (on a competitor)

In the sense of "know your enemy", the article presents an interesting perspective.

Sunday, June 03, 2007

E&Y European fraud study

Ernst & Young have released a 30 page Survey into Fraud Risk Mitigation in 13 European Countries (it is very slow to download, at least in my case).

The report discusses the need for anti-fraud controls such as a Code of Conduct, whistleblowers' hotline (plus suitable governance/control structures to protect whistleblowers from reprisals), awareness (going beyond simply signing the Code of Conduct) and others.

How E&Y came up with the list of controls used in the survey is not explained, but presumably reflects their prior experience (and hence potential prejudices) in the field. Section 4 and Figure 8, for example, state that most employees report fraud to their line managers. This in turn implies that managers should be given training and support in how to encourage and handle fraud reports by their staff.

I found the statistics on the incidence of fraud in section 6 very surprising. Only one in five respondents (described as "corporate management") acknowledged fraud in their companies in 2006, whereas I would expect the true incidence to be much closer to 100% ... depending on one's definition of fraud. Perhaps "fiddling" of expense claims and timesheets is not considered fraud by management? Or perhaps respondents were blissfully unaware of the extent of 'minor' fraud in their organizations? A survey of internal auditors would, I'm quite sure, have shown different results in this section.

The report's conclusion introduces a neat diagram summarizing anti-fraud controls:
Diagram from the E&Y report
It's a shame the report did not provide much information on the latter steps, particularly fraud incident response plans. Still, the report is well worth reading.

Thursday, May 10, 2007

Expert witness accused of perjury

A man who has appeared in court as an expert witness for computer forensics has been accused of perjury. After 'inconsistencies' in the qualifications claimed in his resume came to light, a background check revealed that he has served prison time on a forgery charge.

This story is a good illustration of the need to conduct thorough background checks on people in positions of trust and power. Insiders who are known former forgers might be welcome in a criminal gang but not in your average court or corporation.

Tuesday, May 08, 2007

My compeciation have been ganted! [Updated]

This one, fresh from my inbox, needs no comment.

From: FROM THE FEDERAL HIGH COURT OF NIGERIA [mailto:info_lawoffice03@yahoo.com]
Sent: Tuesday, 8 May 2007 1:12 a.m.
To: [me]
Subject: YOUR COMPECIATION HAVE BEEN GANTED BY MR PRESIDENT


FEDERAL HIGH COURT OF NIGERIA.

Attn: beneficiary
This to acknowledge you that your e-mail id is found among those that have been scammed, and the competiation have been approved from the supreme high court here in Nigeria and we are asked to contact you by the Nigeria president on how to send you the ($3.5million) united state dollars by the diplomatic courier and the fund as been cash in dollars here in Nigeria bank.
So you are advice to contact the lawyer in charges of this fund and his name is Mr. Tunde Martins and make sure you contact him with your full
Contact information such as.

Your home address.......

Telephone number..........

Your occupation...........

Country........................

Zip code.......................

With your international passport, or drivers lances or state I.D
Card........

For more information on how to make the money send to you because many
People complain about scamming every day from Nigeria and we are trying to stop this fraudulent from Nigeria and am sure you that it will stop because we are now working with the internet operation such as YAHOOMAIL, HOTMAIL and also the united state FBI and Nigeria police with Nigeria EFCC so the scam can be eradicated in this country and I want you to follow your fund code which follow bellow, and whish is given to you by the high court of Nigeria and the code is (NG74678FGN)

And I want you to keep this code, because this code will ensure you and
Alert you in any day you receive a scam e-mail from this country. And as soon as you contact Mr. Tunde martins with your full contact information requested, he will be forward everything to the Nigeria presidency office to issue out your award certificate as the rightful beneficiary of the ($3.5million) united state dollars from the president of Nigeria.

And here is the contact information from the lawyer in charges of this
Fund
So contact him and he we forward the picture of the concernment to you
For you to see your fund in cash before the diplomatic courier can deliver it to your Doorstep.

And here is the contact address of the lawyer in charge which follows
Below.

Name: Tunde Martins
E-mail Address: info_lawoffice03@yahoo.com
Direct Telephone: +234-802-410-4101

Contact him in regarding of the fund to be deliver to you by the
Diplomatic courier service and also any beneficiary we be responsible for shipping fees so as to avoid any scam and the fees is just only $480.00 and you will receive your fund from the high court because as soon as you contact the lawyer in charges of your fund he will alert the united state bureau and also the your state police for the fund to be deliver to you without any restriction and problem when the fund get to you in your location area.

Thanks.

Best Regard.


Dr. kelvin donald Director.

:-)

UPDATE 9th May: SANS ISC warns about an altogether more sinister variant - 419 death threats. The normal advice not to respond in any way to the scammers is extended to include notification of the authorities.

Wednesday, May 02, 2007

Poetic justice

CFO dotcom has a short news piece about a former Enron HR director prosecuted for submitting fraudulent consulting invoices to Enron post-bankruptcy and sentenced to 63 months in prison. He has been ordered to repay $2.9m in restitution - $2.3m and a house have already been seized by the authorities.

So here we have a greedy employee (an insider) of a greedy employer caught with his hand in the corporate cookie jar.

Monday, April 30, 2007

Tell everyone you know! [UPDATED]

There's another old old story doing the rounds here in NZ, concerning someone in a carpark offering cheap perfume that turns out to be ether.

Poppycock! Stuff and nonsense!

It's an urban legend.

The warning signs are there in the story:
- The story sounds plausible to someone who doesn't understand how ether works [ether has a very strong "fumy" smell, not pleasant like perfume; it would take a strong dose e.g. on a rag pressed over the victim's mouth & nose to cause unconsciousness]
- It happened (or nearly happened) to 'someone else', never the storyteller
- The storyteller is taken in by the story and is keen to tell everyone else
- Emails end with "Tell all your friends!" and/or "Tell your women friends!" and impart a sense of urgency

Best of all, the urban legend is systematically dismantled on www.Snopes.com. If you want to pass on a good piece of advice to all your friends, tell them about Snopes dotcom.

UPDATED 10th May: Aside from Snopes, a CERT Cybertip on hoaxes recommends the following sites: Urban Legends and Folklore; Hoaxbusters; Truth Or Fiction; Symantec; and McAfee.

Sunday, April 29, 2007

Hey I've got $1.5 million!

Well, what do you know!

SUBJECT: AMOUNT DUE FOR CREDIT (ON HOLD): "USD $1.2 Million» [sic]

It appears I'm the beneficiary of a sum of $1.2 million (ONE POINT TWO MILLION DOLLARS) that is being held for me by a kindly official in a little West African state, who for some obscure reason appears to be using a Russian email system. I was beginning to think perhaps this was just another 419 scam but no!

this is due to many abnormalities had happened in the institutions where some top official of the apex institutions are interested in your payment and they collaborate with impostors who are carrying a fake portfolios with levies misled and misguided about the position of your fund and having the opportunity to extort money from you that made it too longer up till date that explains why you receive different kinds of untrue emails and phone call from different people everyday.


So that's cleared it up then. The money has accumulated because of the impostors and fakers with abnormalities who have been trying to scam and extort money from me.

Finally be inform that your funds are fully free of any liens or encumbrances and are clean, clear and non-criminal origin and are available to pick, this guarantee is witness by the World Bank Group, International Monetary Funds IMF Paris and London Club of creditors, European Economic Community EEC, EFCC Africa and the Envoy's of our Correspondence International Bank of Settlement world Wild.


Phew! I'm relieved to hear that the "International Bank of Settlement world Wild" says it's OK. Apparently I have to send my contact details and pay a charge:

They will chargeyou $165 a great deal less than a money wire service would to enable the programming of your information in the micro chip compartment of central computer and your code will be send to you to enable you cash your money at your convenient time.


$165 to program the micro chip compartment sounds entirely reasonable.

Full marks to the scammer for his creative writing skills. This email is almost funny enough to be worth $165 just to find out the next thrilling installment ... but not quite.

PS It's OK, I've just received an offer of help from the [Nigerian] Financial Crime Commission (variously calling themselves "the finance security commission" and "THE FOC TEAM"). All I have to do is send them details of the scams and they will refund me. Golly! Here it is:

ATTN : this is not one of the popular jingo that has to do with 'you have won a lottery-Lotto scam' 'Represent our company-cashiers check scam' 'Business proposal deal -All in the way to make you fork out an upfront fee’. Nigeria as you well know is the den for evil perpetrators which are well classified by the dictionary to as scammers.


Not the "popular jingo", oh no.

Permit me to introduce our establishment to you if this letter concerns your interest, the financial crime outburst in collaboration with the Nigerian finance security commission is out with an aim to make back refunds to the victims of the society and oversea whom has in one way fell a victim of the advance fee fraud so far since either presently or in the past.


So, "the financial crime outburst" is working in collaboration with "the Nigerian finance security commission", eh?

We had a surveillance on cyber cafes and made a scrutiny on account holders of young stars (who are particularly the initiators of this web scam).We have in our custody arrested outh over hundreds and confession stories of how various innocent people oversea particularly USA society are being defrauded on daily basis.


Those "young stars" !

Our aim on this is that the Nigerian government is trying to create a restoration of the country’s image on the internet by making back refunds to victims to make a sustainable development of the .


They are trying to sustain development of the full-stop to restore Nigeria's image?? Now I'm confused.

This letter however is a calling out to victims whom have lost monies no matter how small or large ( this would be paid and doubled up) after due processing irrespective of where they got you on the scam, they could approach you with a deal from United Kingdom,canada,Spain,Nigeria....but they are certainly from Nigeria. the lines which they communicate with you from are tapped diverted lines. This is to say that every scam has its root from NIGERIA.


Aha, "this would be paid and doubled up". We see the first sign of an appeal to greed. The bait is laid.

Like i did explain above, if you wish to receive your hard earned money back (doubled up) or you have a close colleague who was victimized, kindly send us such information with proof of transaction details you have with these con men to enable necessary proceedings. But if you have never been scammed you could contact us for internet web advises on tractions which you are currently having at the moment, this puts you on safe grounds.


I'm doubled-up just reading this! I don't think I will be contacting them for "web advises" even if it will "puts [me] on safe grounds".

The punch line is the sig:

THE FOC TEAM
...restoring the image of Nigeria
Hotline- (234) 8032 140873


(234) is the country code for Nigeria where these bozos are most probably located. I don't think they are doing much to restore Nigeria's image though.


PPS FraudAid is yet another site offering assistance to the victims of 419ers and other scamsters. The site looks legit but who knows. Maybe it is run by a young star in a Nigerian cyber cafe?


Wednesday, April 11, 2007

Get poor quick schemes

Purveyors of classic "Ponzi" or "pyramid" get-rich-quick schemes that have fleeced countless naive and desperate investors of their savings over decades have found a wonderful new outlet: the Web. The curiously named Haisoj Network reports problems with a site inviting people to earn attractive returns on their investments simply by surfing the web ... and by recruiting further members - which looks to me like a huge clue to the true nature of the beast. If investment returns for existing members are being paid at least partly from the investments of new members, there inevitably comes a tipping point when the whole scheme collapses. Cast aside those greedy thoughts about 'getting in there early': the originators are the only people likely to make real money, unless they end up in court facing fraud charges in which case their lawyers get rich quick.
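The tipping point can be shown with a small cash-flow model. This is an added example, not part of the original post, and every figure in it (deposit size, promised return, recruitment rate, operator cut, population) is a constructed assumption rather than data from any real scheme.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Outcome:
    collapse_month: int    # first month the promised payouts could not be met
    members: int           # everyone who paid in
    winners: int           # members paid back more than they deposited
    operator_take: float   # skimmed fees plus whatever cash was left at collapse

def simulate(population: int = 100_000, seed_members: int = 10,
             deposit: float = 100.0, monthly_return: float = 0.20,
             recruits_per_member: float = 0.5, operator_cut: float = 0.10,
             max_months: int = 240) -> Optional[Outcome]:
    """Cash-flow model of a recruit-to-earn scheme. All figures are constructed."""
    cohorts = []           # [join_month, size, paid_out_per_member]
    cash = skim = 0.0
    members = 0
    for month in range(max_months):
        # Recruitment scales with membership but cannot exceed the people left.
        wanted = seed_members if month == 0 else int(members * recruits_per_member)
        joiners = min(wanted, population - members)
        if joiners > 0:
            skim += joiners * deposit * operator_cut
            cash += joiners * deposit * (1 - operator_cut)
            cohorts.append([month, joiners, 0.0])
            members += joiners
        # "Returns" are owed to everyone who joined before this month, and the
        # only money available to pay them is what later joiners put in.
        payout = deposit * monthly_return
        owed = sum(size for joined, size, _ in cohorts if joined < month) * payout
        if owed > cash:
            winners = sum(size for _, size, paid in cohorts if paid > deposit)
            return Outcome(month, members, winners, skim + cash)
        cash -= owed
        for cohort in cohorts:
            if cohort[0] < month:
                cohort[2] += payout
    return None            # did not collapse within max_months

if __name__ == "__main__":
    for pop in (100_000, 1_000_000):
        r = simulate(population=pop)
        print(f"population {pop:>9,}: collapses in month {r.collapse_month}, "
              f"{r.winners / r.members:.0%} of members came out ahead, "
              f"operator holds {r.operator_take:,.0f}")
```

With these assumed figures, a tenfold larger pool of recruits delays the collapse by only six months, and in both runs roughly four out of five members never get their deposit back.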

As with phishing exploits, phools and their money are easily parted. Pyramid scheme investors would be better-off investing their hard-earned dosh in a roll of tin foil.

More IT fraud resources


Friday, February 23, 2007

Trust me: I'm your bank manager

The former head of Moscow City Bank, which collapsed in 1994, has been jailed for masterminding a massive identity theft scheme involving fraud, aliases, conspiracy and theft. The fact that fellow Russian conspirators were also convicted points towards organized crime - way above the level of petty theft by lone hi-tech criminals.

More identity theft and it_fraud links
