Are you at the top of your field? Give me $1,000 to prove it!

Professionals in various fields are targeted and tempted with diplomas that attest to their prowess. They’re wooed with promises of having their biography published in a sort of ‘Who’s who’ publication of successful professionals.

And then, of course, they’re ripped off.

Almost everybody wants to be famous, even if just for a moment. People enjoy speaking in front of cameras, having their opinions broadcast over the radio or the Internet, and not least, being recognized as top professionals in their field. These facts led crooks to focus on exploiting human vanity to bolster their own revenue.

Fig.1. Spam e-mail advertising a vanity scam 

Vanity scams and fake diplomas are two of the most frequently-encountered schemes that allow people to show off as professional or well-educated in front of their peers. For the right price, of course.

It’s like headhunting but with a twist – the kind in which individuals pay for their vanity. Fake diploma scam implies an expensive, appreciative piece of paper – usually worth $1000 or so – offered to persons who are supposed to be top of their “class.” Who’s Who scams, on the other hand, involve selling “memberships” in fraudulent directories that are created online or through instant publishing services.

Vanity scams, fake diploma or Who’s Who scams are all on the same page of the social engineering “cookbook” as extremely targeted attacks that look legit.

Crooks invest a lot of time and effort into finding future victims and gather a lot of biographical information on that person’s professional background then send a coherent and well documented e-mail to the victim-to-be.

Documentation is everything. An entire department is likely doing research to find out specifics about someone’s online and offline persona – enough to feed his ego with an appreciation diploma and an award from an organization no one ever heard anything about. Where monarchies still stand, scams are adjusted and people are lured with “nobility” titles.

The e-mails are well written and well documented to make them efficient lures for the unwary candidate who in some scams are also asked to fill in a form with name, title, country of origin, phone, company name, and business phone number and so on.

Fig.2 Fill-in form – part of some vanity scam campaigns  

A variety of such vanity scams includes telephone interviews or an online questionnaire for data validation. This stage of information collection ends up with a request for the credit card number. The promoted esteemed directories will eventually disappear from the web and the diplomas are worthless – un-recognized whatsoever from a trustworthy institution. But not immediately. Some scams include follow up, in that victims are contacted by scammers on Facebook or Twitter and asked to fill in questionnaires.

Fig.3 Follow-up questionnaire – part of some vanity scam campaigns 

Some may argue this is a grey area. It is, after all, a personal choice. If someone makes an educated decision and pays to be acknowledged as one of a kind in a certain domain it’s OK.

But they should nonetheless be informed that some of these prestigious directories of professionals are only used to trick people into willingly give away money and personal information. In return for nothing.

Moreover, people need to carefully read the terms and conditions before agreeing to anything, not to find out later that they have been subscribed and charged a yearly membership fee for nothing. Plus, users may verify the legitimacy of these offerings by checking out the non-profit group’s tax status with the IRS and its reputation with the Better Business Bureau as some scam artists are known to set up phony non-profit groups to hit duped trustees up for money.

About the author


A blend of teacher and technical journalist with a pinch of e-threat analysis, Loredana Botezatu writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair. Loredana has been writing about the IT world and e-security for well over five years and has made a personal goal out of educating computer users about the ins and outs of the cybercrime ecosystem.