1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New Sophisticated Nigerian Money Scam

Discussion in 'BlackHat Lounge' started by ArkmayL7, Aug 21, 2013.

  1. ArkmayL7

    ArkmayL7 Junior Member

    Joined:
    Jun 17, 2011
    Messages:
    156
    Likes Received:
    59
    By now we?ve all had at least one email from a relative of a Nigerian Prince, asking for help secretly transferring millions of dollars out of U.S. Bank Accounts. Scams like this are pretty easy to spot and frankly anyone who would fall for something like that is a complete idiot. Sorry if that offends anyone, but seriously, come on?

    But the nature of the game the scammers play is changing ? this weekend I was almost a victim of one of the most elaborate money scams I?ve ever come across. In fact, it was one tiny detail that had I not actually typed this persons email address multiple times in my life, I probably wouldn?t have noticed it.

    Here?s the story? I get an email from a friend of mine, from his actual AOL email address that he?s been using for years, basically saying his sister is in need of about $1500 for a surgery and is reaching out to all of his friends to see if he can get the money together. It was signed the way he normally signs his email, and the typing style was consistent with the way he usually talks, without the odd ?English is my second language? typing style you usually pick up on from scams like this. Nothing stood out at all.
    I decided I was going to just send him the full amount he needed, and hit the Reply button; and that?s when I noticed the reply-to address looked a little off. There was a zero where an ?o? should be.
    Again, the message came FROM his real account, from actual AOL servers, and even maintained the same conversation chain from the last time we talked. It wasn?t spoofed. But the reply-to email was that one character off.

    Suspecting something was up, I shot him a message over Facebook and sure enough he hadn?t sent the email and had no idea what was going on. Someone had hacked his AOL account and grabbed his contact list. I figured I would see what kind of information I could get out of the scammer, so I replied to the fake email, playing along asking the scammer how I could get the cash to him. He replied (this time from the email account with the zero), thanking me and asking me just to send it directly to his ?sister?, gave me her name and said I could do it through Western Union in Clarksville, TN, where she lives.

    I admit, I got a little excited here because at this point I thought I was dealing with a scammer in the United States and there would actually be a chance of busting him so I started digging. The so-called sister was a 71 year old woman, and I was able to find her Facebook page, her daughter, etc. But nothing that really screamed ?criminal?.

    I turned everything I found over to the FBI, thinking maybe its identity theft and we could send some money to bait the perp and have an agent there bust whoever picked up the cash. Up until this point I?m thinking I?m dealing with an American scammer, not the classic nigerian money scam types.

    And that?s when the Agent calls me back and gives me the full detail? that the woman in Tennessee isn?t the perpetrator, but also a victim. And it IS still a foreign scam ? a fake SURVEY scam.
    Basically there are networks of fake survey sites, promising to pay people for filling out surveys, and the ?deal? you agree to as a survey-taker is that when you receive payment for a survey, you?re allowed to keep some percentage and then you pay the survey company their fee. Sounds familiar, right? It?s the classic Nigerian money scheme, disguised as a legitimate service. These sites tell the survey-taker that their payments come directly from the companies who contracted them to fill out surveys, and then the site owners rely on ?the honor system? to collect their fees.

    So these guys are playing both sides at once ? one scheme to get a person to receive the money, and another scheme to get a person to send it to them. If I had sent $1500 to this 71 year old woman, she would have thought it was payment for a survey she took, accepted it, and then paid the Nigerian scammers their ?fee? from it, never having any idea she was part of a foreign money laundering scheme. I?ve seen a lot of these scams over the years but never one this elaborate, where they actually created an AOL account that was this similar to the person they were pretending to be and combined multiple schemes to make a convincing, seemingly U.S.-based triangle transfer.

    I know this is a huge deviation from what I normally blog about, but I hope this message helps someone else also avoid something similar. Stay sharp and always keep your guard up when people are asking for money. If you come across this, or any other online scams, you can report them via the FBI?s Internet Crime Complaint site at http://www.ic3.gov/.

    Source:
    http://ronrule.com/2013/08/04/new-sophisticated-nigerian-money-scam/
     
    • Thanks Thanks x 4
  2. elschlongo

    elschlongo Junior Member

    Joined:
    May 21, 2010
    Messages:
    180
    Likes Received:
    99
    Location:
    The Murder Mitten
    Wow, that's crazy. Good thing you caught the difference before you sent him the money
     
  3. 1337python

    1337python Regular Member

    Joined:
    Jun 18, 2013
    Messages:
    392
    Likes Received:
    235
    Location:
    127.0.0.1
    That's actually really smart, everyday there are new scams thought of, you always have to be careful when dealing with money, double check everything.
     
  4. Lalalaenhund

    Lalalaenhund Power Member

    Joined:
    Sep 14, 2010
    Messages:
    738
    Likes Received:
    418
    Location:
    errywhere
    Wow that is seriously impressive.
     
  5. au2mopi

    au2mopi Junior Member

    Joined:
    Aug 12, 2013
    Messages:
    135
    Likes Received:
    28
    huh , Nigerian scammers when they are going to learn to hack instead of spamming
     
  6. ArkmayL7

    ArkmayL7 Junior Member

    Joined:
    Jun 17, 2011
    Messages:
    156
    Likes Received:
    59
    They're doing both, first hacking the AOL account and spamming email through the contact list
     
  7. jokel661

    jokel661 Regular Member

    Joined:
    Sep 26, 2009
    Messages:
    437
    Likes Received:
    495
    Occupation:
    Full Time IM & Developer
    Location:
    NYC & Prague
    I always use Phone in this situation. never trust emails for family matters.
    Great that you found his scam and report it.
     
  8. The Scarlet Pimp

    The Scarlet Pimp Senior Member

    Joined:
    Apr 2, 2008
    Messages:
    831
    Likes Received:
    3,207
    Occupation:
    Chair moistener.
    Location:
    Cyberspace
    last year i got an email involving gold dust.
     
  9. Untouchable

    Untouchable Supreme Member

    Joined:
    Mar 22, 2012
    Messages:
    1,345
    Likes Received:
    1,175
    Location:
    Canada
    I actually got a skype video call.
    yeah A SKYPE VIDEO CALL!
     
  10. bertbaby

    bertbaby Elite Member

    Joined:
    Apr 15, 2009
    Messages:
    2,019
    Likes Received:
    1,497
    Occupation:
    Product marketing
    Location:
    USA
    Home Page:
    This is an old exploit going back at least 3 years. I think the scammers have a battery of exploits that they rotate over time that they periodically test every so often. Their boiler rooms are getting more sophisticated and they enlist locals to assist in the scam. For a while they were targeting companies that sell solar panels and have someone locally sign for them for a small fee. Of course they were using a stolen credit card. How the hell they moved the solar panels after receiving them is anybody's guess but they try variations on all their classic scans.
     
    Last edited: Aug 21, 2013
  11. prospect7

    prospect7 Regular Member

    Joined:
    Feb 24, 2010
    Messages:
    273
    Likes Received:
    194
    Yep.. these scammers have multiple things they try and they also have massive networks of friends who work together to scam people abroad. Some of them also have little fear of getting busted most of the time they don't even use proxies. That might just be because they're stupid though still not sure.

    'Someone I know' got on to one of these scammers computers.. the scammer was from the ivory coast in Africa trying to blackmail people. He had a fake profile on facebook of a hot chick saying she was bored and to come on skype chat. Long story short they got video of victims fapping and threatened to release it to all his FB contacts if he didn't pay $1500 within a week.

    So anyway, on the guys computer he had:

    -Over 100 videos of victims fapping
    -Scraped contact list of victims FB account
    -Over 2000 chat logs where he was trying to scam people over the span of 3 years
    -Blackmail email templates for every kind of scam imaginable

    His main scams were ewhore blackmail and blackmailing pedophiles pretending to be the police (still not sure how that works exactly lol).

    But in the end the scammers real personal information was ripped off his computer, including pictures of him and his friends, family, criminal associates etc. His real email was obtained, his facebook, and all his personal accounts across the web. 'The guy I know' made a long wordpress post with all the details on the guys scams and posted it directly to his FB page. He took down his facebook within 24hours and it's still down til this day lol. Also emailed all the evidence anonymously to the cybercrime division where he lives.

    Oh - and his PC was formatted as well :)

    Vigilante justice FTW.