I just can’t help posting one more spam message here, as an example of how spammers run. This time, a very well-known Nigerian 419 spam message where the spammer is trying to collect sensitive information about those whom he’s spamming.
Interestingly enough, many people tend to share this information freely on the Internet already. With sites as Facebook and LinkedIn I would think spammers would not even need this information. Well, except for the bank account numbers, of course. And maybe the phone number.
So let’s look at this message, that seems to be Nigeria. Or China. Or Russia, if I read the mail headers.Well, what does it say? It’s about a contract or inheritance file that’s at some desk in Nigeria. I don’t have a clue what it’s supposed to do there, but they have it. Who? Well, The Central Bank of Nigeria, of course. (Yeah, that link goes to the real site!) It seems that I am dealing with some non-officials about this case and that’s supposed to be illegal. The Board of Directors held a meeting to give me a solution, though. They’re willing to pay me the $950,000.00 that’s in some online account which is supposed to be mine. I need to give some details to them which would allow me to log in to my account so I can transfer the money to a different account. And I must stop discussing about this with anyone else, so this post on my blog must be illegal.
Okay, I’m not stupid. The fact that Google dumped this in my spam folder is the first warning. The red warning above the post is the second warning. Even if I’m a complete idiot (and I sometimes am one) then these two warnings should trigger plenty of alarm bells, making sure I won’t respond to this. But I’m interested in the mail header too.
Sure, first thing I’ve noticed is another warning: “domain of firstname.lastname@example.org does not designate 18.104.22.168 as permitted sender“.
It was sent from Webasto, which happens to be a Russian company that creates air conditioning systems for automobiles. Maybe the Nigerian Board of Directors is in Russia?
And I need to send a reply back to an email address provided by the email services of the Chinese Yahoo website.
Also, even though they knew my email address (helpdesk@
example.com), they did not know my name. Or anything else, even. But they seem to know that I’m dealing with non-officials, though.
So, am I dealing here with Russian Nigerians who live in China? Or Chinese Nigerians living in Russia? I don’t know. This is just spam and it’s too ridiculous to even consider believing it. I can’t understand that anyone would be fooled by something stupid like this, yet it happens. At least, it happens often enough for these spammers to continue their attempts. Just send a million of these messages and hope that an Idiot will respond to it. If one in a million people are idiots, they tend to have a reasonable chance of success.
Also interesting is the reference to CBN, which isn’t the Central Bank of Nigeria. It’s the Christian Broadcasting Network. Close enough, I guess.
The true Central Bank of Nigeria has an official warning about 419 scams on their website. A check with RobTex seems to confirm this site is the real website. The fact that it’s a .ORG domain still makes me a bit suspicious but fortunately, there’s also an official gov.ng site, which happens to be a bit slower. All this spam isn’t just annoying for me and other recipients, it’s also bad for the Nigerian government and their bank.
It amazes me that these Nigerian 419 scams still continue for more than a decade. Especially since these emails seem to be so extremely fake that I just wonder if people are just fooled by these spammers simply because they try to scam the spammers themselves. And in trying to do so, they just happen to give away too much real information.
The best response to these kinds of emails is to either ignore them or by warning others about these kinds of emails.