Alerts

US, UK and AU under Heavy Nigerian-Type Scam Rain

Scammers propose business partnerships to random people, suggesting significant returns for small efforts.

A fresh Nigerian scam campaign that started last week aims mainly at US, UK and Australian citizens to con them into revealing personal information that will eventually lead to pilfering moderate sums of money from gullible good-hearted strangers.

One such story presents Mr. Hamza Ahmed al-Khabeir, supposedly the branch manager for National Bank of Abu Dhabi United Arab Emirates, who reaches out for help to seize a business opportunity. An American foreign oil business consultant made a $12 million deposit in a foreign account and then disappeared. He now needs someone to help him transfer money from Abu Dhabi to US.

For context, the message also includes a link to a report of the tragic incident either on the BBC or the CBS news portal.

The branch manager asks the recipient to send private information such as name, address, account and a phone number. Harvesting personal sensitive data is needed for future scams since identification data, account info and a phone number would be enough for the attacker to impersonate the victim and access his account and money. Handing someone your identity poses severe risks.

Fig.1. Bank manager offers fake business partnership as part of the most recent Nigerian scam

Other Nigerian scam targeting Americans and Australians alike is almost identical, with a slight alteration. The attorney of a wealthy family who died in the same plane crash wants to recover the estate of the deceased.

The UK special, on the other hand, consists of an e-mail sent by some sort of a buyer. It is about a person who agrees on a car sold by someone in Hull, UK.

To prove his good intentions, the scammer offers fake evidence of a money transfer. And he asks the seller to do the same and send him the evidence of a £3000 deposit through a Western Union service that enables a person to person direct transfer.

Since Western Union allows people to withdraw money either only with an ID or with the transaction number, it is clear that the scammer-buyer uses social engineering to have the victim-seller reveal the transaction number for the £3000 deposit to steal the money. No doubt, the buyer will never set foot in Great Britain to get the car and pay in cash as convened in the e-mail exchange. Once the evidence of the 3000-pound deposit is made, the money is gone and so is the alleged buyer.

For those who don’t know, the Nigerian scam is an “advance fee fraud” that defrauds the victim usually of a modest sum of money; although the demanded money is pretty consistent in some cases. This scam takes a wide variety of forms and, despite being around for decades, resurfaces periodically, still able to con. Other popular storylines used in these money cons are the fake lottery win, dead foreign representative, murdered businessman, dying rich merchant, diplomatic delivery, immigration and jobs in a foreign country and so on.

The ingredients of these cons are with little variation the following: the sender knew and worked at some point with a person who died in an airline incident; not just any airplane crash, it’s always an Egyptian Boeing flight 990. The aircraft victim has no relatives of any kind and they left behind big sums of money – millions of dollars that are about to be lost if no one jumps in to take it. The persons in distress originate in countries in the Middle East, Africa, Holland or Spain.

Even though most of these messages are the creation of English native speakers, some are intentionally written with spelling, syntax, punctuation mistakes apparently to confer the text more credibility.

Moreover, having “Nigerian” in the name doesn’t necessarily mean all these attacks have something to do with the Nigerian people or country. In fact, USA and UK proved to be the main originators of such money cons while Nigeria only comes in third before Togo, South Africa, Australia, Netherlands or Spain. That explains the fact that most victims of such scams are from America and Great Britain, in this order.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

About the author

Loredana BOTEZATU

A blend of teacher and technical journalist with a pinch of e-threat analysis, Loredana Botezatu writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair. Loredana has been writing about the IT world and e-security for well over five years and has made a personal goal out of educating computer users about the ins and outs of the cybercrime ecosystem.