Friday, 23 August 2013

The scammers are back

Actually they never left. They never leave, not ever. Scammers are like viruses, they’re constantly mutating. Just as we get used to one strain of scammer, they mutate and come back in another form to challenge our intellectual immune systems.

Or so I thought.

In the last week we’ve heard from many people asking whether an email or SMS they received was, or was not, true. Several people got in touch asking if a text message they received was genuine. Each of them received this message from +254714980739.
“APPLE-IPHONE UK PROMO. You won £1,000,000.00(1 million pound) Ref No:AIP 131 for claim Email your name, mobile number and country to”

How many clues that this is a scam can you spot?

Firstly the obvious one. Several different people received it. They can’t all have won. Then there’s the fact that the winner isn’t named or identified. What about the fact that Apple don’t give vast amounts of money away to total strangers for no reason? Also, if it’s really Apple, don’t you think they would have given an Apple email address? And finally, a UK-based “PROMO” comes from a phone number with a +254 prefix? That’s Kenya.

So it’s obviously a scam. The good news is that a couple of the people who received it instantly knew this. Others weren’t so sure and wanted us to advise them. Who knows how many people received it, have already responded and are about to lose loads of money?

We saw another, this time on Facebook. Someone calling himself “Christian Yves Ponthon” posted this:

Again the clues are simple. Real lenders who have up to €10 million to spare don’t use Gmail email addresses. Real lenders don’t advertise on Facebook. Real lenders don’t offer loans without some sort of security at a mere 2% interest.

A reader contacted us asking if an email was genuine or not. The email said:
“Attention Dear Employee, We are happy to inform you that we receive your details in good faith and we bring to your notice that you have been approved to work in Beaufort Hotel London for five years. You are to stat work as soon as you get your work permit visa from Diplomat Stevin Joes. Your file has been accepted and we only advice you to contact your Representative officer in New Delhi India for Work Permit Processing to UK.”

The email demanded a range of personal details including photographs and a copy of his passport. It said that he must pay a “Work permit visa fee” to the British High Commission in India and then he would be sent an air ticket to get him to London to take up this job offer.

This isn’t how hotels recruit. The UK is in a recession so why would they recruit from overseas? They certainly wouldn’t recruit people in Botswana via their High Commission in India. British diplomats can also usually spell correctly. High Commissions and embassies don’t require payments using Western Union.

This is all about the "Work permit visa fee" they want. That's the "advance fee" that the scam is all about. Once the victim pays that fee they’ll stall, demanding more and more money, stopping only when the victim runs out of money or finally realizes what’s happening.

Some of you will be asking why people fall for this nonsense when it’s so obvious. Doesn’t everyone see through these scams instantly?

The answer is no. That’s how scams work. In order to work they MUST be almost unbelievable. Cormac Herley, a researcher for Microsoft, published a research paper last year entitled “Why do Nigerian scammers say they are from Nigeria?”

Herley’s observation is that the more unbelievable the opening story is, the more likely the scammers are to make money. Strange but plausible. It goes like this.

Given that the scammers send these ridiculous emails to thousands, perhaps even millions, of potential victims, how can they ensure that the ones who respond are most likely to be the ones who will end up coughing up their cash? You might think that they could do this best by constructing a story that is as believable as possible. Not correct. If they did that, the research shows, the scammers would have to manage an enormous number of responses. Most of these more sensible people would eventually realise that there was something suspicious going on.

In fact the best way to maximise their successful response rate, to get the highest proportion of victims to cough up cash, is to make the story as stupid as possible. If they do that, then only the MOST gullible people will respond. The people likely to respond to those emails are the ones worth the scammer’s time. Make the first email as stupid as possible and the victims will select themselves.

Herley says:
“The initial email is effectively the attacker’s classifier: it determines who responds, and thus who the scammer attacks (i.e., enters into email conversation with). The goal of the email is not so much to attract viable users as to repel the non-viable ones, who greatly outnumber them.”

It’s very easy to think that these scams don’t happen any more, that scammers have moved on to other ways of parting the gullible from their money. This is true to an extent: scammers have evolved, but they haven’t abandoned their roots. Their core business remains the same, mainly because it can be so profitable for them if they get it right.

Those of us blessed with some skepticism can’t give up the fight. We have to keep warning our friends, relatives, neighbours and colleagues who aren’t as skeptical as they need to be. Scammers are viruses, skepticism is intellectual ARV therapy.
