Remember the good-old days, when a Nigerian Prince would offer you riches beyond belief if you’d just help him get some of his ill-gotten gains out of the country? That prince hasn’t e-mailed me in years. He’s been replaced by a wide variety of scam tales, all of them just as hell-bent on making you do things you’re sure to regret later on.
Just the other day, a new scam e-mail arrived in my inbox. Though it was from someone I didn’t know, the subject line didn’t give it away. It said simply, “ATL INVITATION.” No misspellings, no histrionics. The capitalization, though, did the trick and got my attention.
On the other hand, the email itself was ridiculously brazen, almost laughably so: In it “Mr. Carney Mark Edward” explained that there was a package for me at an Atlanta airport. Officials scanned it and found there may be as much as $5 million inside. I could get my hands on the money if I just gave them enough information to steal my identity, fleece me of my life savings and possibly ruin my life.
So, yes, the ruse was dead obvious to me, but I’ve been in this game a long time; I’ve got my guard up. Not everyone does.
I thought it might be interesting to dig into the guts of a scam email like this one. Do they serve up any obvious clues? What makes this e-mail so dangerous?
“While this email is a phishing attack with its immediate purpose to gain person information, it is actually a classic Advance Fee scam (commonly called a Nigeria 914 scam or the more historically accurate name of The Spanish Prisoner),” Kevin Haley, Director Norton Security Response wrote me in an e-mail.
Haley blogs about security for the security software company Symantec (makers of the Norton family of security software products), and has written more than once about these scams. He offered to pick apart my email, which he called “bait,” to see if we could learn any truths about the heart of a digital flimflam.
Below is the original email with Haley’s comments about the tell-tale signs of a scam inserted. Enjoy
Anatomy of a Scam Email
From: Mr. Carney Mark Edward.
[This is an interesting choice of name. Carny (without the e) is slang for a carnival employee, a place where many con games are known to have occurred. Mark is slang for the victim in a con.]
CarneyMark@grace.ocn.ne.jp
[Notice the .jp, indicating Japan. Why is Mr. Edward using a mail box in Japan? The address is no longer working. ]
Date: Mon, Aug 20, 2012 at 9:49 AM
Subject: ATL INVITATION
To:
[The Set-Up: An official looking email from a real place.]
Atlanta Hartsfield/Jackson International Airport
[Actual name of the airport is Hartsfield-Jackson Atlanta International Airport. Close enough.]
Service Port-Atlanta
Port Information
Port Code:1704
Location Address:157 Tradeport Drive
Atlanta, GA 30354.
Operational Hours: 8:00 AM-5:00 PM(Eastern)
Seven Days A Week (7)
Port Information
Port Code:1704
Location Address:157 Tradeport Drive
Atlanta, GA 30354.
Operational Hours: 8:00 AM-5:00 PM(Eastern)
Seven Days A Week (7)
[This is correct, copied word for word from the CBP.gov website I found it on. A Service Port is where cargo is processed and inspected. It’s run by the Dept. of Homeland Security, which certainly does not use mailboxes in Japan for communication.]
Attn: Consignee,
We Intercepted your Consignment Box Tagged personal effect on Transit.
[The Tale: The Service Port thinks they have your box. You know it’s not your box. And you would probably at this point just delete the message, or send them a nice note back telling them the mistake. That is, unless you are the classic mark, someone greedy and or willing to be at least a little dishonest if you see an advantage to you. And that’s The Hook. The con man is going to give you a big incentive to be dishonest.]
When scanned it is estimated that the consignment contains valuable cash between $4.5 to $5Million Dollars.
[The Hook: 5 million dollars could be useful.]
The consignment was intercepted and deposited in our restricted bonded store because it was not properly declared.
The details on the consignment tagged.
Type: SUITCASE
Wheels: 4 wheels
Handles: Trolley handle with top & side handles
Approximate Dimensions: Height: 3.20 ft, Width: 2.50 ft, Depth: 1.90 ft.
Weight: 180lbs.
Wheels: 4 wheels
Handles: Trolley handle with top & side handles
Approximate Dimensions: Height: 3.20 ft, Width: 2.50 ft, Depth: 1.90 ft.
Weight: 180lbs.
[More of The Tale: It’s these details that are used to convince you that this is all real. By the time you’re done you may even be convinced that that is your box with the “valuable cash” in it. Would anyone ever ship a box full of cash? What kind of cash isn’t valuable? What are they saying? At this point the hooked mark doesn’t care. Greed has made them gullible. ]
We need;
1. Your Full Name.
2. Home phone & Cell Phone
3. Home delivery address
4. Any form of Identification either Drivers license or International Passport.
2. Home phone & Cell Phone
3. Home delivery address
4. Any form of Identification either Drivers license or International Passport.
[The Sting: Here is what the con man wants. Getting your identity and contact information seems pretty reasonable. After all they have to get the money to you somehow.]
You are expected to come or assign an Attorney who will come for the normalization of
[You just allowed them to steal your identity. But they are not done with you yet. You’ve just shown that you’re greedy and gullible. So this will not be the last thing they ask you for. There will be fees, fines and other costs before you can pick up that box of valuable cash.]
your Bill of Entry and pick up of your Consignment.
Best Regard
Mr. Carney Mark Edward.
0 comments:
Post a Comment