Fam Scam

Yesterday I got an email from Russell during the middle of the day at my work email address.  Except it wasn’t really from Russell.  It was a fake, undoubtedly sent by a crook somewhere out there in the digital world hoping to perpetrate a fraudulent scheme.

The scam is called “spear phishing.”  The fraudster identifies actual email addresses that have legitimately communicated with you, then sends you an email that appears to come from someone you know.  Because the email address looks genuine, it makes it past the spam filter to your inbox.  You’re supposed to treat it with the speed and cavalier attention that most email receives and reflexively open it and click on the link that has been sent.  If you do that you’re sunk, because the unthinking click installs malware on your computer that allows the scammer to capture personal information that permits him to make false charges on your credit cards, empty your bank account, and commit identity theft.

The key building block of spear phishing is the recipient’s reflexive, unthinking treatment of every piece of email that comes to the inbox.  When I got the email that appeared to come from Russell, I immediately worried that there was some problem — but after that first instant of concern I noticed that the email address was an old one, and saw that the email itself had no message but just a link to some apparent healthcare entity, and my guard went up.  Something about the email didn’t seem right.  Of course, it was possible that it might be a real message — but just to be sure I sent Russell a text to ask if he had sent an email, and he responded that he hadn’t.

I try to be mindful of the ever-present risk of fraud on the internet.  When it comes to email, I look for language issues in messages and weird combinations of addressees, and I never click on links sent in unanticipated emails.  I also hope, though, that a special level of hell is reserved for spear phishers who misuse existing relationships to cheat the unwary out of their money and their private identities.  In  his Divine Comedy Dante consigned them to Malebolge, the Eighth Circle of Hell, where the souls of deceivers and fraudsters are constantly tormented by intensely painful, ever-burning flame.  That seems about right.

Advertisements

The Web’s “Bad Neighborhoods”

Every city has a “bad neighborhood” — a squalid, dark, depressed area where sullen people are roaming the streets and the unwary stranger can easily be the victim of crime.  It turns out that the internet is the same way.

A Dutch researcher tried to determine if there are patterns to the generation of malicious email used in spam, phishing, and other fraudulent scams.  It was a huge task, because there are more than 42,000 internet service providers worldwide.  The researcher found, surprisingly, that about half of the malicious email that is the bane of modern electronic communications comes from just 20 of the 42,201 internet service providers.  The worst “bad neighborhood” was in Nigeria, where 62 percent of the addresses controlled by one network were found to be sending out spam.  Other cyberspace skid rows were found in India, Brazil, and Vietnam.

The hope is that the study will allow internet security providers to better understand the sources of malicious email and further refine filters to try to block the efforts of spammers and fraudsters.  It’s a worthy goal, but I’m not holding my breath.  There have always been people who would rather hoodwink people than earn an honest living, and the internet has provided them with a vast new arena in which to ply their criminal trade.  If they can’t use that “bad neighborhood” in Africa, they’ll just find another “bad neighborhood” somewhere else.

An Unfortunate Air Of Plausibility

In Cincinnati, and elsewhere, another identity-theft scam is making the works.  Only this time the bogus offer is not to help a Nigerian diplomat, it’s to get money from a phony program supposedly put in place by President Obama.

The emails offer people the opportunity to participate in a program where the federal government will supposedly pay your summer electric bills.  All you need to do is provide your Social Security number and bank routing number, and your bill supposedly will be paid.  Of course, there is no such federal program, and once you provide your Social Security number and bank account information the scammers will empty your account and take you for all you’re worth.

What’s sad about this isn’t that crooks are preying on innocent saps — that’s been happening since the dawn of mankind — but that people are being duped by the ploy because it has the air of plausibility.  With all of the stimulus programs and bailouts over the last four years, wide swathes of people evidently find it entirely believable that the federal government will pay your utility bills, just like it bailed out banks and GM and made stupid loans to companies like Solyndra.

Don’t you find it troubling that rational people could believe that such a program might actually exist?  We’re rapidly becoming a nation of greedy suckers.

Williams Yee Needs Help!

There is this guy named Williams Yee who has been sending me emails for months now.  I don’t know who he is, or where he lives.  And the email is always the same!  It reads:

Dear counsel,

I am contacting you in regards to a breach of business loan agreement with a client in your locality. I provided a loan to the company so that they can meet up with their management and operational obligation during the rough economic climate of last year. I provided the company with an emergency loan of $270,500 with a term of 12 months and fixed interest rate of 7.0%. The repayment period has since elapsed but the company has been unable to finalize the repayment of the loan and have only paid $90,000.00 till date.Let me know if this falls under the scope of your practice so that I can provide you with more information on this matter.

Best Regards

Williams Yee

At first I just ignored these emails, but now I am troubled.  Poor Williams Yee!  He needs help!  Can’t any “counsel” in this “locality” help Williams Yee as he tries to collect from the “company” that needed his “emergency loan” so that it could “meet up with their management and operational obligation” but now has stiffed him?  With so much detail, provided by the unduly trusting yet obviously wealthy Williams, surely there is a “counsel” who would help him right this colossal wrong!