At some time or other, most of us have received one of those unsolicited e-mails or letters, initially from people in Nigeria purporting to be important individuals within the petroleum ministry and detailing how they have been told that we are a person of trust. The truth is they are just using us to effectively launder money they are intending to steal from the ministry. The ludicrous content of these communications, which were initially sent through the postal service complete, according to one source, with counterfeit Nigerian postage stamps caused some consternation.
Eventually they were seen for what they were: an amateurish, ill-conceived and ludicrous attempt to con sensible, respectable people into assisting them in what was clearly a criminal enterprise. This commentary takes a look at recent examples of this type of fraud and what we can do to avoid and deter them.
The E-mail Scam
First, let’s start by answering some pertinent questions about these scams.
Why is it called ‘Nigerian fraud’?It doesn’t matter where the communication originates from, regardless of the country or countries mentioned in the communications, even countries located outside Africa, the fraudsters are often organised Nigerians.
How does the fraud work? The inducement is the illusory millions of dollars described in the letters or e-mails. The objective is to get you to come up with money for the ‘essential expenses’ required to release the funds and enable the transfer of those millions to you. Often referred to as a victim – the prey or dupe – thinks a few hundred or a few thousand dollars is trivial when millions are (apparently) at stake. Each request for more money is claimed to be the very last obstacle before the money is released. There have been occasions when the subject of the fraud has been enticed to Nigeria. This did not result in a good experience for any of the visitors.
How did they get my e-mail address? Exactly the same way all spammers get your e-mail address. Spammers ‘harvest’ e-mail addresses mentioned on websites. Others run ‘dictionary attacks’ where words are sorted by frequency of use and start with the most likely possibilities; for example, names of people, sports teams, pets and cars.
The success of these scams – and they are very successful – is based on the criminal ingenuity of the criminal gangs operating these scams and the greed of the prey. I do not subscribe to the term victim as everyone has the ability to make their own decisions. An individual who responds to an unsolicited offer of receiving millions from a totally unknown source for doing no more than acquiescing to be part of what is, even to the untutored eye, an amateur attempt at fraud or money laundering should be regarded as a co-conspirator.
Many have lost substantial sums of money in these overt approaches. These crooks are now trying new ways of approaching the public to see if they can separate a greedy, potential target from the pack. They have turned to the worldwide web. Recent changes in their approaches show how modern technology and the solicitous use of genuine companies’ and organisations’ branding.
One example is the so-called ‘prizewinner’ who is approached from a totally unknown person apparently representing a very well known company or organisation. These companies would never contact someone in the manner I am about to show here, quick examination of the document, and a clue is the sender’s email address, plus the general disposition of the documents give all the clues one needs. Welcome to the ‘PRIZE CLUB’…
Date: Tue, 23 Jan 2007 01:53:40 +0000
STAMFORD BRIDGE LONDON
SW1V 3DW UNITED KINGDOM
THE COCA’COLA COMPANY OFFICIAL PRIZE NOTIFICATION
We are pleased to inform you of the result of the just concluded annual final draws held on the (1st December 2006) by Coca-Cola in conjunction with the British American Tobacco Worldwide Promotion, your email was among the 20 Lucky winners who won £1,000,000.00 each on the THE COCA’COLA COMPANY PROMOTION
However the results were released on the 20 January 2007 and your email was attached to ticket number (7PWYZ2006) and ballot number (BT: 12052006/20). The online draws was conducted by a random selection of email addresses from an exclusive list of 29,031 e-mail addresses of individuals and corporate bodies picked by an advanced automated random computer search from the internet. However, no tickets were sold but all email addresses were assigned to different ticket numbers for representation and privacy.
The selection process was carried out through random selection in our computerized email selection machine (TOPAZ) from a database of over 250,000 email addresses drawn from all the continents of the world.
This Lottery is approved by the British Gaming Board and also licensed by The International Association of Gaming Regulators (IAGR). This lottery is the 3rd of its kind and we intend to sensitize the public.
In order to claim your £1, 000, 000 00 prize winning, which has been deposited in a designated bank, you will have to fill the form below and send it to the Promotion manager of THE COCA’COLA COMPANY for verification and then you will be directed to thenext procedure on how to collect your winning money price.
Please you are advice to complete the form and send it immediately to our Promotion manager through email or fax for prompt collection of your fund from the designated bank.
(CONTACT PROMOTION MANAGER)
Name: Mr. Xxx Xxx.
Phone: xxx xxx xxx
You are to keep all lotto information away from the general public especially your ticket number and ballot number. (This is important as a case of double claims will not be entertained).
Warning!!!: Fraudulent emails are circulating that appear to be from Coca Cola Lottery, but are not from Coca Cola Lottery. PLEASE REPORT IMMEDIATELY TO:
CUSTOMER CARE/COMPLAINTS DEPT AT National Coca Cola Lottery Services,
209, Stamford Bridge London England.
*Staff of Coca-Cola and the British American Tobacco Company are not to partake in this Lottery.
Accept my hearty congratulations once again!
Mrs. Xxx Xxx
Beware the Property Scams
A couple of recent examples that have crossed my desk are from estate agents who advertise properties for rent on sites, such as Craig’s List and their own websites. The initial approach seems genuine enough in most cases, just a query inviting a normal response. What follows next is the bait for the trap that will ensnare the innocent and identify the not-so-innocent greedy individual who sees the opportunity of getting something for nothing, and chooses to be blind to the clear risks involved.
Remember the saying that I use time and again: “The fraudster is the person who sells nothing for something to the people who want something for nothing.” Never forget that ‘due diligence is the business of common sense’ and as such should always be referred to and utilised.
Below is an e-mail received only recently by an estate agent specialising in rental properties. The content brings a little light relief to an otherwise normal day. But the unbelievable thing is that people respond to these e-mails thinking that there is a real business opportunity. Many companies and their officers will always ignore these approaches, but there is always the risk that one employee will respond.
Sent: Sunday, January 28, 2007 6:04 AM
Subject: I WANT TO RENT….REPLY ME ASAP TODAY…
how are u doing today hope all is cool with u…I’m patracia mammy tracia and am from UK MANCHESTER,am 43 years Old..I’m a quiet, kind, loyal. A great meaning for me is a human’s soul. Circle of my interests is various. I like the literature, music, and cinema. personality traits are; calm, honest, kind, loyal, flexible, elegant, sociable, sensitive, gentle, cheerful, optimistic,I never speak negatively about people, I take less and listen more to people and does not jump into other people’s affairs…My lovely husband is late on the way to africa for his importing and exporting of goods from africa,so now i will love coming back the state, i need a good nice house to rent that have a nice security cos i will be geting the consignment my late husband left for me about 400,000pounds so i need a nice house for me and my kids for just a month so when i get the consignment i will get a new house from u,so pls just email me the price that u rent ur house,phone no,full name and ur full address cos i will be paying u with checks my late husband left for me…Just reply me back on my email address or im me back, This my yahoo ID
wish to hear from you as soon as prossible…
The next example is an e-mail that starts as a reasonable request, but once the recipient responds the underlying fraud attempt becomes clear.
——– Original Message ——–
Subject: $975 / 2br – Completely renovated charmer in XXXXXX
Date: Thu, January 11, 2007 8:26 am
Good day Sir/ Madam,
My name is Xxxxxx Xxxxxx; I am 24 years of age and a citizen of the United Kingdom and will be relocating for a short period of two years on a research programme to the United States. As I was reviewing rental adverts, I got particularly interested in your property, I would like you to email me pictures, and I would also like to know the exact fees to be paid monthly and the security deposit in order for me to pass information to my sponsors.
Thanks for your assistance.
This approach seems reasonable, it is a response to a genuine advert, and the recipient responds in a normal manner:
Dear Xxxx. Welcome to the U.S.I’ll get some pictures for you, but for now – the security deposit will be one month’s rent or $xxx. You will pay for water, electricity, and gas each month.Water should be no more than $xxx US, electric $xxx and gas $xxx (winter).The neighborhood is a nice neighborhood close to the bus line and great shopping and minutes from uptown.The property is right on part of the county greenway project which has wooded backyard, and just down the street, access to walking/biking trail and bridge. There are nice pubs (or as we call them ‘bars’) very close by and it’s just a good central location.It’s a desirable neighborhood and the neighbors are friendly.
What happens next is the attempt at fraud…
I really appreciate your response and details provided, my sponsors (Japan Tobacco, Inc) have agreed on the monthly fees to be paid for the next two years on my behalf.Therefore, they agreed to pay up front the amount of ($975 PAYMENT FOR THE FIRST MONTH RENT PLUS $975 DEPOSIT STARTING FROM MY MOVING IN DATE WHICH WILL BE ON THE 27TH OF JANUARY); also since I will be staying for two years, the company has agreed to pay in a monthly installation.
Furthermore, I would like you to know a US cashier cheque will be issued to you in an excess amount by my sponsors for the first month rent, security deposit and my travelling expenses. (Please see attached note): the excess amount will be sent to me immediately as soon as you receive payment from my sponsors through Western Union money transfer.
However, the information below is required from you by my sponsors to have payment sent to you immediately in order for you to hold down this property until I arrive:
NAME ON US CASHIER CHEQUE
FULL CONTACT ADDRESS
HOME PHONE NUMBER
Finally, I would like to know how peaceful the neighbourhood is and how close the property is from the bus/train station as I will be leaving on the 26th and arriving on the 27thof January. My main purpose of re-locating is based on my research proposal on Tobacco industries (FINANCIAL ANALYSIS); and I was granted a part time sponsorship on my accommodation and travel expense. Also all necessary paper work will be treated by me when I arrive and set to move into the property. I await the details soonest for payment, so I can start my moving in plans ASAP.
The following ‘letter of sponsorship’ accompanies the response.
LETTER OF SPONSPORSHIP
Congratulation Mr xxx xxx,
Japan Tobacco, Inc based in the United Kingdom this year granted eight research students on a part time scholarship to carry out their research programme abroad and you have been chosen based on your research application and study proposal on financial analysis on the tobacco market. We appreciate your interest on this research field.
Furthermore, our board will be taking care of your accommodation for the next two years and your travelling expense. The board has requested your accommodation proposal and travelling time of frame to the USA to be submitted to our office; in order for payment to be made out to the respective body.
We are happy that you accept our yearly assistance to research tobacco students and hope to send a representative once your programme has been completed.
Mrs Xxx Xxx, Head Secretary, Japan Tobacco, Inc
Careful analysis of these documents provides all the clues that show things are not as they should be. There are many who will greedily succumb to the chance of instant profit. In this case, for doing nothing more than paying in the cashier’s cheque they received from this unknown but potential client who they corresponded with on the Internet, the people in question paid a hefty price. They deposited the cheque and forwarded on the excess funds as directed, keeping a little profit for themselves. The amount, of course, is many thousands of dollars or whatever currency is used in that jurisdiction. A few weeks later disaster strikes. The cashier’s cheque is returned as a counterfeit, and their recently enriched account has been debited with the outstanding amount. Who do they complain to? Who would listen? They engaged in an activity that common sense should have dictated was at the very least, suspicious. Beware the unknown bringer of gifts, for they are never free.
The best advice I can give you is: Do not respond to these type of unsolicited e-mails even though some of them might seem reasonable in the normal course of business. Mailfrontier.com offers some advice in preventing e-mail fraud: ‘Fraud is not new and businesses have fought the fraudster since the beginning of commerce. But just as business practices evolve to keep pace with emerging technology, fraudsters also adapt to the new opportunities that technology offers. Nevertheless, by understanding e-mail fraud as a distinct and more sophisticated type of e-mail threat, and by seeking solutions designed specifically to stop fraudulent e-mail, you can protect yourself.’
Are we really that stupid? Unfortunately, some of us are! Some people will never learn even when they have been told; others always know better than those who advise and caution them about the risks involved. However, there are none so blind as those who will not see and if someone deliberately involves themselves in one of these scams they should not be viewed as a victim, more as a confederate of the criminals and should be prosecuted accordingly.
Companies should make sure that employees or associates either delete or delete and report suspicious e-mails and that company policy dictates that these e-mails are not responded to under any circumstances. There are stories of employees who thought it would be fun to play with these crooks, thinking that they knew better and could control the issue. They were wrong.
There has been an uptick of treasurers inquiring about interest rate risk management in recent months as interest rates in the US and UK have started to show a rise in momentum, said Chatham Financial at the annual Bellin treasury conference.
PSD2 is set to remake the EU payments marketplace. This deliberate public policy exercise is going to regulate and demonstrate what next generation financial crime competencies must be and cement the standard going forward.
Europe’s introduction of the General Data Protection Regulation (GDPR) next May will have implications for businesses around the world and US corporates should start getting ready if they haven’t already done so.
The recent NotPetya cyberattack underlined the need for organisations to address their exposure and how to mitigate the risk.