Two days ago 80 people, mostly Nigerian nationals were charged in a 252 count indictment. According to the indictment, the defendants operated a variety of online scams most notably business email compromise scams and romance scams as well as a number of scams specifically targeting elderly people both in the United States and around the world. Individuals, small and large businesses and law firms were targeted by these scams which resulted in the scammers stealing approximately 6 million dollars, which was then laundered to avoid detection.
I have written about the business email compromise many times in recent years. Generally this scam involves an email to the people who control payments at a targeted company. These people receive an email purportedly from the CEO, company attorney or even a vendor with which the company does business requesting funds be wired to a phony company or person. At its essence, this scam is remarkably simple and relies more on simple psychology instead of sophisticated computer malware. Often the scammers will do significant research to not only learn the name of the key employees involved with payments within a company, but also will infiltrate the email accounts of company employees for a substantial period of time to learn the protocols and language used by the company in making payments. The scammers also gather information from the company’s website and from social media accounts of its employees, all in an effort to adapt their message to seem more legitimate.
As for the romance scam which has dramatically increased recently they generally involve some variation of the person you meet through an online dating site or elsewhere on the Internet quickly falling in love with you and then, under a wide variety of pretenses, asking for money.
In order to avoid the business email compromise scam, companies should be particularly wary of requests for wire transfers made by email. Wire transfers are the preferred method of payment of scammers because of the impossibility of getting the money back once it has been sent. Emails requesting payments to be sent to new bank accounts should also be investigated thoroughly before responding. Verification protocols for wire transfers and other bill payments should be instituted including, dual factor authentication when appropriate. Companies should also consider the amount of information that is available about them and their employees that can be used by scammers to perpetrate this crime. They also should have strict rules regarding company information included on employee social media accounts that can be exploited for “spear phishing” emails which play a large part in this scam. Finally, employees should be specifically educated about this scam in order to be on the lookout for it.
There are various red flags to help you identify romance scams. I describe many of them in detail in my book “The Truth About Avoiding Scams.” The most important thing to remember is to always be skeptical of anyone who falls in love with you quickly online without ever meeting you and early into the relationship who then asks you to wire money to assist them with a wide range of phony emergencies.
Here are a few other things to look for to help identify an online romance scam. Often their profile picture is stolen from a modeling website on the Internet. If the picture looks too professional and the person looks too much like a model, you should be wary. Particular phrases, such as “Remember the distance or color does not matter, but love matters a lot in life” is a phrase that turns up in many romance scam emails. Also be on the lookout for bad spelling and grammar as many of the romance scammers claim to be Americans, but are actually foreigners lying about where they are and who they are. Of course you should be particularly concerned if someone falls in love with you almost immediately. Often they will ask you to use a webcam, but will not use one themselves. This is another red flag. One thing you may want to do is ask them to take a picture of themselves holding up a sign with their name on it. In addition, ask for a number of pictures because generally when the scammers are stealing pictures of models from websites, they do not have many photographs. You can also do a reverse image search online to see where the photos may appear elsewhere on the Internet to see if they are legitimate photos or not. Here is a link you can use for information about performing a reverse image search https://helpdeskgeek.com/how-to/free-reverse-image-search-tools/ If you meet someone through a dating website, be particularly wary if they ask you to leave the dating service and go “offline.”
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”