When Too Good To Be True Gets Even Better

In March of this year, Laura Mather posted a blog series on Nigerian ‘419’ scams, including the stories of victims who fell prey to this fraud. This series has been one of the most-read Silver Tail blogs to date, with an even broader audience than we suspected!
Over the weekend we received the following blog comment from ‘Judy’:
Author : I was compensated
E-mail : judy*****@yahoo.com
URL :
IP : 217.14.85.242
Comment:
I am Mrs Judy Glass, I am a victim of online fraud. I was expecting some loan from some kind of firm. i ended up paying some money and got nothing in return. Then there was a mail in my box that reads that i shall be compensated and i still believed and got scammed on the long run. So i went to NIGERIA and fortunately I was directed to the againcy incharge and they help me. now i am happy because i have been compensated. the only fee i paid was the legal fee which is constant ($600). So if you have been scammed you can reach them via the secetary (******@gmail.com).This is a good new hurry and contact them because the offer will soon close so i was told.
I wanted to give my reaction to this, but before I do, let’s just say Laura was not nearly as amused as I was.
Since the 419 scammer went to the effort of sending us this comment, I figure the least I can do is post it, but with a little commentary.
AFRINIC whois lists the IP (217.14.85.242) as belonging to “GS Telecom Nigeria” in Lagos, Nigeria. IP geo-location is never enough to definitively mark something as bad, but in this case, it’s a strong indicator. I doubt there are too many people named Judy in Nigeria who were scammed by a Nigerian 419 scam.
All contact is directed to free email address domains. Yahoo and Gmail email addresses for individuals’ personal use are largely legitimate (I have a couple myself); however, people representing organizations usually have email addresses with the name of the organization in the domain. An ‘againcy incharge’ would likely have a private domain, not Gmail.
Bad spelling and grammar are common in scam emails – especially from someone named “Judy”. Many of these emails come from places where English is a second language. I’m certainly not saying one should not trust emails from non-English speaking countries nor that perfect spelling and grammar make an email legitimate, but this is a factor to include with everything else.
Every email I’ve seen of this type has artificial urgency attached. Fraudsters of this variety want you to think as little as possible. Asking that you act ASAP on the contents of the email is a great way to limit the amount of thought recipients go through before they respond.
Payment requests between $200 and $900 are common in 419 emails. Although I have seen numbers both higher and lower in 419 scams, the usual amounts fall in this range. Again, this is not a definitive indicator, but another sign to be combined with the rest of the data points.
The promise of high returns for a nominal fee is ALWAYS present. This email is a smart twist on the standard scam, but still a recognizable relative. Whenever I’m asked by family and friends to discern whether or not an email offer is legit, the first question I ask is, “Are they asking you to send money so that they might send you more money back?” There are few examples I can think of where giving someone $600 will result in their sending me back ten to one hundred times that amount.
In general, I see this as a very interesting twist on the typical 419 scam. In this case, the person figures there are people out there who have already fallen for a similar scam. Who better to try to re-scam than someone who is known to be naive enough to have already fallen for something similar? I must say, in some ways, this is quite brilliant (and somewhat amusing!).
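None of the indicators above is decisive alone; they only carry weight in combination. As an added example (not code from the original post), this sketch checks a submitted comment for five of them and holds it for review when at least three agree. The word lists, the threshold of three and the `registry_country` input (the whois country, looked up elsewhere) are assumptions, and spelling quality is left out.

```python
import re

# Assumed lists for illustration; tune them for your own traffic.
FREE_MAIL = {"gmail.com", "yahoo.com", "hotmail.com", "outlook.com"}
URGENCY = ("hurry", "asap", "act now", "soon close", "immediately")
EMAIL_RE = re.compile(r"[\w.*+-]+@([\w-]+(?:\.[\w-]+)+)")  # tolerates masked local parts
MONEY_RE = re.compile(r"\$\s?(\d[\d,]*)")


def indicators(body, registry_country):
    """Return the names of the weak indicators present in one comment.

    registry_country: country from the RIR whois record of the submitting IP.
    """
    text = body.lower()
    hits = []
    # Poster's network is registered in the country where the "agency" is.
    if registry_country and registry_country.lower() in text:
        hits.append("source_country_named_in_text")
    # An organisation whose only contact is a free-mail address.
    if any(d.lower() in FREE_MAIL for d in EMAIL_RE.findall(body)):
        hits.append("free_mail_contact")
    if any(p in text for p in URGENCY):
        hits.append("artificial_urgency")
    amounts = [int(a.replace(",", "")) for a in MONEY_RE.findall(body)]
    if any(200 <= a <= 900 for a in amounts):
        hits.append("fee_in_typical_range")
    # Pay a fee now to receive money later (advance-fee structure).
    if re.search(r"\bfees?\b", text) and re.search(r"compensat|refund|recover", text):
        hits.append("fee_for_payout")
    return hits


def needs_review(body, registry_country, threshold=3):
    """No single indicator decides; hold the comment when several agree."""
    return len(indicators(body, registry_country)) >= threshold


# Constructed samples: SCAM is condensed from the comment quoted above,
# BENIGN is an invented reader comment that trips only one indicator.
SCAM = ("I went to NIGERIA and the agency helped me; now i have been "
        "compensated. The only fee i paid was the legal fee ($600). Reach "
        "the secretary (******@gmail.com). Hurry, the offer will soon close.")
BENIGN = "Great post. I use gmail too, write me at j***@gmail.com."

if __name__ == "__main__":
    for body, country in ((SCAM, "Nigeria"), (BENIGN, "Canada")):
        print(indicators(body, country), needs_review(body, country))
```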
3 Comments »

Some people in official posts in countries with more mobile phone coverage than wired coverage do actually end up using free email addresses. The infrastructure hasn’t caught up yet and since they want to get productive they sign up for these email services. They’ll presumably get consolidated into proper domains at some point, but initially they may legitimately use gmail or hotmail for example.
It doesn’t make anything you say invalid, I just thought it worth mentioning, since we’ve come across quite a few people doing that in quite a few countries. We’ve actually been dealing with these people in person so we do know they’re legit.
I didn’t know this. Thanks for the comment. I should’ve given the standard message for this data point – by itself it’s not a definitive indicator, but another attribute to consider.
Thanks!
I guess we have to be extra careful in such emails. Getting scammed once is bad enough. Don’t get it again.