Detecting Nigerian (419) Scams
If a deal sounds too good to be true, it probably is. However, that doesn’t keep scammers from making their offers and it doesn’t stop uninformed victims from falling prey to them. By learning from mistakes that other people have made, you can help keep dishonest people from taking advantage of you.
Estimates of the total losses due to the scam vary widely since many people may be too embarrassed to admit that they were gullible enough to be scammed to report the crime. A United State government report in 2006 indicated that Americans lost $198.4 million to Internet fraud in 2006, averaging a loss of $5,100 per incident. That same year, a report in the United Kingdom claimed that these scams cost the United Kingdom economy 150 million per year, with the average victim losing £31,000. In addition to the financial cost, many victims also suffer a severe emotional and psychological cost, such as losing their ability to trust people. One man from Cambridgeshire, UK, committed suicide by lighting himself on fire with petrol after realizing that the $1.2 million “internet lottery” that he won was actually a scam.
The Nigerian Scam also known as “419 scam”
The scammer will say that all you’ll need to do is send X-amount of dollars to pay some fees (hence the title ”Advance Fee Fraud”) and all that cash will suddenly land in your checking account, putting you on Easy Street. By the way, please send the funds though an untraceable wire service. (also known as Western Union / Money Gram)
1. Pay good attention to the subject of the email as well as the name and email addresses used by the unknown sender.
By analysing the name and e-mail address of the sender in conjunction with the subject line of the scam e-mail, you can learn to easily identify a 419 scam before even opening it. Spotting a 419 scam at first glance minimises the risk of falling for the scam and saves you time (you don’t have to read through all the mumbo jumbo of the scammer). This also simplifies the task of reporting 419 scams to cyber security authorities. Scammers always use fake names and will create fake email addresses with some part of their (fake) name in it (EX: John Doe firstname.lastname@example.org)
Also, check the header of the email received. If the header shows a different return-path, there’s a good chance it’s the scammer trying to be sneaky.
Typical characteristics of subject lines, names and e-mail addresses used in 419 scams::
- Scammers love to disguise their true identity with the names of high-profile figures like State Presidents, Ministers, Ambassadors, Directors, etc, but a high-profile figure will ALWAYS have their own email-domain (ex: @fbi.com, @bankofamerica.com)
- Their subject lines are often typed in uppercase letters only.
- They use free e-mail services like Yahoo, GMail, Hotmail/Live, or a free ISP e-mail account. These free e-mail accounts are used in cases where one would expect an e-mail from an official e-mail address and surprisingly enough, there are still people who fall for this.
- There is often an overdriven use of formal and professional titles like Mr, Mrs, Dr, Barrister, Sgt, Lt, etc.
- If they’re using words such as dearest, love,
- Subject lines often have a false sense of urgency.
- The name of the sender is repeated in the subject line.
- Many scammers mistake the Subject for the From field and vice versa.
- Generic greetings like, “My Dear”, “Dear Beloved”, “Greetings to you”, “Dearest Brother” or “Dear Sir/Madam” are sometimes used as a subject line.
- Many scammers are hypocrites who pretend to be devoted Christians and will use subject lines like: “GREETING IN THE NAME OF OUR LORD JESUS CHRIST”, “My Dear Beloved in the Lord“, “Goodness Of God Will Be Upon You”, or “YOU ARE THE LORD CHOSEN ONE“.
- Subject lines contain notices about “Payments”, “Lotteries”, “Bank Drafts”, “Compensation”, “Funds” and other financial related terms.
- The subject line often contains an instruction to contact a specific individual, department or organisation. For example “Contact my secretary”, “Contact the fiduciary agent”, “Contact the bank official”, “Contact the ATM Department of…” or “Contact FedEx”.
- Scammers always come up with the strangest and most outrageous e-mail addresses, especially in scenarios where it is quite obvious that the e-mail account is fake. For example, a scammer pretending to be an official from the FBI will use a silly e-mail address like email@example.com. The FBI have their own domain and e-mail servers, so there is no valid reason for using an e-mail account from another domain, or a free e-mail service like Yahoo! or GMail.
- It is common practice among 419 scammers to use an e-mail address that consists of a formal title, a name and surname. For example, Mr. John Doe will use an e-mail address like firstname.lastname@example.org.
- Aside from scammers using parts of their fake scam name in emails, you will also notice a change in emails and names. They will send you their ”agents” or ”lawyers” email/name which is either the scammer on a different account or a another scammer working as a partner.
- It is very popular among 419 scammers to start their subject lines with the words: “From the Desk Of”.
- Lottery scams often have a reference number for the subject line. For example “Award Notice (Ref: LSUK/2031/8161/05)”
This is not an exhaustive list of characteristics, but is certainly a collection of the most common characteristics found in the subject lines, e-mail addresses and names of 419 scammers.
2. Questions you need to ask yourself before analysing a 419 scam any further:
In order to answer these questions you need to open the e-mail and read its contents. At this point, you don’t need to pay attention to specific details in the e-mail, you only need to determine what the e-mail is all about.
- Is the e-mail an unsolicited and unexpected job, loan or business offer from an unknown individual?
- Is it about a lottery or competition you never entered? (Remember: Having your e-mail address randomly drawn from a list does not count as a valid entry for a competition).
- Have you received a huge donation from a non-profit organisation?
- Has a terminally ill widower looking for a devote Christian to accept her will which contains millions of dollars? Did the widower want you to donate a small percentage of the funds to a orphanage?
- Are you appointed as the next of kin of a total stranger?
- Do need to help a foreigner to clear a consignment box, containing millions of dollars, declared as something else to a diplomatic courier service?
- Is the e-mail supposedly from an American Soldier, doing service in Iraq, who discovered millions of dollars and needs to get the money out of the country?
- Is the e-mail an unsolicited request to take care of orphans, send Bibles to a church or offer financial assistance to sick and hungry people in Africa?
- Are you appointed, as the beneficiary of a fund, where the owner of the fund is currently dying of cancer?
- Is the e-mail about the recovery of money or assets that were never stolen from you in the first place?
- Have you been awarded an unsolicited bank draft for your philanthropic efforts? Is the e-mail about an outstanding/delayed payment for a contract with some government, but you never entered into such an agreement or you never even conducted business with them at all?
If you answered YES to ANY of these questions, you are most definitely dealing with a scam.
Now ask yourself the following questions:
- Did you expect the e-mail?
- Do you know the sender in person?
- Did the sender mention your name in his/her initial e-mail?
- Does the sender have any other personal information about you (besides your name)? If so, did the sender supply a valid, trustworthy source of where he/she obtained the information?
If you answered NO to at least 50% of these questions, you are most likely dealing with a 419 scam.
Always remember the golden rule, if it sounds to good to be true, it probably is!
3. Analysing the contents of the e-mail:
If the name and e-mail address of the sender, the subject line of the e-mail or the story of the sender leaves you clueless about the legitimacy of the e-mail, you will have to analyse the contents of the e-mail in greater detail.
The following characteristics are tell-tale signs of a Nigerian Scammer
- The reply to e-mail address is different from the originating e-mail address. Scammers do this to ensure they receive your reply, in case their service provider shuts down their e-mail account. Some scammers will spoof the “From” e-mail address with an official e-mail address which is why it’s always important to look at the header details for any hidden addresses and IPs.
- If the sender does not provide a Reply To e-mail address, he/she will specify an alternative e-mail address, in the body of the e-mail.
- Sometimes the sender does not only provide a different Reply To address, but also a completely different alias. The scammer wants to create the impression that you are sending your replies to a completely different person, but it is actually the same scammer operating both e-mail accounts, each one under a different alias.
- The whole e-mail, or large portions of it, is typed in capital letters.
- The e-mail starts with a generic greeting (as already discussed). Most scammers simply shoot in the dark when they distribute their scam e-mails, so they don’t know your name and will therefore not mention it in the e-mail. (Never assume an e-mail is legitimate just because the sender knew your name. I have seen several 419 scam e-mails where the scammer already knew the name, last name and even the physical address of the recipient. Facebook and google are a scammers best-friend. (But remember, google can be your best-friend too.)
- The sender pretends to care about the well-being of your family with greetings like: “Good Day, How are you today? I presume all is well with you and your family.” Believe me, 419 scammers don’t give a damn about your family, they are only trying to earn your trust by pretending to care. Other 419 scammers have an apologetic attitude right from the start, for example: “Dear, Please accept my sincere apologizes if my email does not meet your business or personal ethics“.
- The recipient of the e-mail needs to reply with personal details like his/her full name, telephone and fax number(s), residential address, birth date, gender, name and address of Next of Kin, banking details, occupation, marital status and nationality. Some scammers request a scanned copy of your photo ID, international passport or your driver’s licence, so they are not only after a photo of yourself, they also want your identity number or social security number.
- Scammers often request some ridiculous information from their victims. For example your e-mail address (they already made contact with you, why would they need your e-mail address again?), the country that you live in (even if they already asked for your residential address and/or nationality) or the amount of money that you won (in the case of a lottery scam).
- The most common telephone numbers provided by Nigerian scammers are from South Africa (country code +27), Republic of Benin (country code +229), Nigeria (country code +234) and Netherlands (country code +31), but I’ve also seen telephone numbers from Sweden (country code +46), China (country code +86), Turkey (country code +90) and Malaysia (country code +60).
- Scammers always put a lot of emphasis on keeping the knowledge of the prize money or inheritance fund strictly confidential. There is only one reason for this, they don’t want you to talk to other people about this because someone might realise that you are being conned and inform you that the e-mail is a scam.
- 419 scammers insist on using a certain money transfer services such as Western Union Money Transfer and/or Money-Gram because they offer very low protection for the victims which makes it much easier for scammers to collect the money.
- Scam e-mails contain loads of spelling errors and horrible grammar. However this is not a rule of thumb. Many 419 scammers have upped the standards and compose highly professional e-mails these days.
- 419 scams involve huge sums of money, but the victim normally shares in only a small part of this fund. However, the alleged fund is so huge that even a small percentage of the fund can mean millions of dollars for the victim. This makes the scam very attractive to the victims, even if they only get a small cut out of the deal.
- Many 419 scammers create the impression that they have been in contact with you in the past and that they failed to transfer some huge fund to you on a previous occasion. It is really hard to believe that people will fall for such a lame story, because if you can’t recall doing business with these idiots, why would you reply in the first place. This only proves that 419 scammers are capitalizing on the weakness of greedy people.
- Fraudsters can sometimes be quite philosophical, for example they will say something like this in the introductory line of their scam e-mail: “This letter must come to you as a surprise, but I believe it is only a day that people meet and become great friends and business partners.” Yeah, whatever! It is only a day that people meet and become scammer and victim.
Characteristics of specific types of 419 scams:
- Lottery Scams nearly always have a line that reads something like this: “…winners were selected through a special internet ballot system from 40,000 individuals and companies E-mail addresses.” Some Lottery scammers put it like this: “…draws was [sic] carried out through random sampling in our computerized E-mail selection machine TOTAL from a database of over 1,000,000 Email addresses drawn from all the continents of the world,and the Globe divided into Zones.”
- Most Lottery Scams have a silly disclaimer like this: “NOTE:You are to keep all lottery information away from the general public especially your Winning numbers. This is important as a case of double claims will not be entertained and will amount to disqualification of your already won prize.”
- In many Next of Kin Scams you miraculously have the same last name as the deceased, however the scammer quite conveniently forgets to mention the last name of the deceased in the initial e-mail. The trick here is to get the victim to reply with his/her personal information and then use the last name of the victim on the forged death certificate and relevant documentation.
- Although it is not a rule of thumb, most Company Representative scammers offer 10% of their “income” to their victims. For some reason they like to use 10%, but I have seen scams where they only offer 5% and other, “more generous” scammers who offer up to 30%.
- An Inheritance Fund Scam normally involves a corrupt banking official who allegedly stumbled across an abandoned account of a deceased billionaire, or it is someone who can’t access the inheritance of a family member due to various reasons. The scammer often needs your help to get the money out of his/her country.
- Inheritance Fund Scammers often provide links to news articles to back their facts (or should I say lies). For instance a scammer will use a plane crash as a basis for his/her story and provide links on a news site like CNN.com.
- In a Bank Draft Scam, the scammer refers to a previous deal that failed and now you have to contact his/her secretary because he/she left you a bank draft and hasn’t been able to send it to you, because he/she is busy with other “investment” projects.
- Some Inheritance Fund Scammers pretend to send you the money via a pre-paid Visa or Maestro ATM card.
- A popular employment scam is the “secret shopper” or “personal assistant” which are both work at home scams. The scammer sends you a counterfeit check that you deposit in your banking account. Since it typically takes several day to a week for the bank to be alerted of the bounced check, the scammer has you purchase items to send back along with the “extra money” from the fake check. By the time you realize the check is fake, the scammer is already off with the items/cash, searching for his next victim.
- The Job Offer Scam normally involves a job in a foreign country, so the victim has to apply for a visa. This is how the scammers make their money. Victims have to pay a small fee to a certain company who will arrange the visa for them. I refer to a small fee because the fee is normally a little dust particle compared to the remuneration being offered to the victim.
- The Compensation Scam often involves scammers who pretend to work for the United Nations or the FBI. These scammers pretend to compensate victims of 419 scams. How lame can you get?
- ATM Card Scammers pretend to be very kind by paying certain processing fees and a drug law clearance fee on your behalf. The drug law clearance fee is to certify that the money issued on your name, do not stem from any money laundering activities. This is only for the bluff and the scammers only try to give their victims peace of mind. They can cook up any bloody certificate, you will still be an accomplice in money laundering if you assist them in moving funds through your bank account.
- 419 scammers, using the story of the soldier in Iraq, who discovered a huge sum of money, always have some obscure plan to get the money out of the country. The most common one is transport via a diplomatic courier who has diplomatic immunity.
- Several 419 scams about some kind of pending payment will state something like this: “…we were notified that you have waited for so long to receive this payment without success, we also confirmed that you have met all statutory requirements in respect of your pending payment.”
- Diplomatic Immunity Payment scammers often use the lame excuse that electronic fund transfers have resulted in payments being made to incorrect bank accounts, so they are shipping you the money in cold hard cash. These scams often contain a notice like this: “Note: The money is coming on 2 security proof boxes. The boxes are sealed with synthetic nylon seal and padded with machine.” The scammers often claim that they declared the contents of these boxes as “Sensitive Photographic Film Material”.
- Some Inheritance Fund scammers allocate the funds in the ratio of 60% for the scammer, 30% for the victim and 10% for processing fees.
This is by far not a comprehensive list of 419 characteristics. Most of the specific details in this article will become outdated as time goes by. Today, many 419 scammers claim in their initial e-mail that they have paid the upfront fee on behalf of the victim. Many victims will bail out when the scammer mentions an upfront payment, so the effectiveness of these scams declined over time and the scammers had to improvise. However these fools will mention some kind of payment at some stage in the scam and vigilant people will bail out once again.
419 scammers never conform to any kind of standard, so it is hard to lay down a rigid set of rules for identifying 419 scams. 419 scams are just like any other kind of spam, there are millions of spammers out there, but a lot of these spammers use the same templates and techniques. After a while the templates and techniques become common knowledge and the spammers need to find new and innovative ways of infiltrating our mailboxes and our minds.
One thing that will keep up with the evolution of 419 scams is common sense. No one will ever be able to teach you all the tricks in the book, because there will always be at least one trick you didn’t think of. Reading between the lines, being vigilant and applying a bit of scepticism towards e-mails from an unknown source, can be a very effective weapon against online fraud.
One phrase to keep in mind is: THERE IS NO SUCH THING AS FREE MONEY!