The Messaging Times

email marketing, list management, metrics and the world

Posts Tagged ‘ online scams ’

Phishing isn’t new, and it isn’t even new to Facebook. But recently, there seems to be a wave of phishing activity soaking the popular social networking site. The consequences of phishing are real. Just last week, a friend of mine wired her friend a few thousand dollars after receiving an alarming message from her on Facebook requesting that money be sent urgently to get her out of a very serious problem. The only problem was that her friend never sent the message and never received the money. The scam was accomplished. But how?

Basically, the new Facebook phishing scam works like this.

  1. You receive an email or IM or Skype that prompts you to visit a site that you think is associated with Facebook. I mean, it looks like a Facebook login page after all. Unfortunately, it is just a page masquerading as Facebook so that you are willing to enter your login details.
  2. With your login information, the phishers log in to your Facebook account (usually changing the password to take control of the page from you completely) and use your identity to influence your friends.
  3. Here, they can send your friends private messages and start running all sorts of scams.

The reason why phishing on social networking sites like Facebook is so effective is that the scammers can take advantage of the established trust between friends. Marketers leverage this trust, albeit in more legitimate ways, all the time. Email marketers develop robust forward-to-a-friend (FTAF) strategies. Word of Mouth (WOM) marketing campaigns are designed completely around the value of ideas spreading from friend to friend. There is no substitute for the value of a friend’s recommendation.

So, if you receive a message of any sort telling you that:

  1. “somebody blogged something bad about you, go login to see what they said…”, or
  2. “hey, did you see your profile picture on this website?…”, or
  3. “hey, login to this facebook page to get a free Macy’s card…”, or
  4. “there’s this friend of mine on Facebook who thinks you’re really cool, visit their profile at …”

… beware

When phishing meets social networking, the problems spread much faster. It’s like the scammers walk into a room full of dominoes stacked up – they just need to knock the first one before the others become very vulnerable. That’s why, although phishing isn’t a new phenomenon, it is a bit more serious today as we are all much more closely connected through online social networks.

“…in the latest attack, messages that link to the website fbstarter.com or fbaction.net are “phishing scams”, which take the user to a credible-looking website that is in fact a facade: like the buildings in a Western film, there’s nothing behind them but a system recording the details that are supplied, enabling criminals to use them. Given a user’s name and password, anyone can log in as that person, change their password and send on the same phishing message to the victim’s friends.

Taking control of the Facebook profile is a staging post. The overall purpose is to eventually send out links to malicious software that can take control of people’s computers and compromise bank accounts and credit card details…”

The consequences of phishing can be very serious. Just ask my friend.
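
An added example, not part of the original post: a small Python check for the pattern described above, where a message claims to come from Facebook but its link leads somewhere else. The trusted-domain list, the keyword hints and the sample messages are assumptions constructed for illustration; fbstarter.com is one of the domains named in the quoted article.

```python
import re
from urllib.parse import urlsplit

# Assumption: only facebook.com and its subdomains count as the genuine site.
TRUSTED_DOMAINS = ("facebook.com",)
# Keywords reduced from the lure messages listed in the post (illustrative only).
LURE_HINTS = ("login", "log in", "profile", "free", "blogged")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def link_host(url):
    """Return the host a browser would really contact, lowercased."""
    # urlsplit drops any "user@" prefix, so http://facebook.com@example.net/
    # resolves to example.net rather than facebook.com.
    host = urlsplit(url.rstrip(".,;:!?)")).hostname or ""
    return host.rstrip(".")

def is_trusted(host):
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

def looks_like_brand(host):
    """Heuristic: some label contains 'facebook' or starts with 'fb'."""
    return any("facebook" in p or p.startswith("fb") for p in host.split("."))

def assess(message):
    """Return [(host, [reasons])] for links that leave facebook.com."""
    text = message.lower()
    findings = []
    for url in URL_RE.findall(message):
        host = link_host(url)
        if not host or is_trusted(host):
            continue
        reasons = []
        if looks_like_brand(host):
            reasons.append("lookalike host")
        # Ignore the URL itself when checking what the message text claims.
        if "facebook" in text.replace(url.lower(), ""):
            reasons.append("claims to be Facebook")
        if any(hint in text for hint in LURE_HINTS):
            reasons.append("lure wording")
        if reasons:
            findings.append((host, reasons))
    return findings

if __name__ == "__main__":
    # Constructed sample messages, not real captures.
    for msg in ("did you see your profile picture? http://www.fbstarter.com/photo",
                "login to this facebook page: http://facebook.com@example.net/x",
                "Change your password at https://www.facebook.com/settings"):
        print(assess(msg) or "no findings", "<-", msg)
```

The check reports the host the link really resolves to, which is the detail a convincing login page hides; a hit is a reason to type facebook.com into the browser directly rather than follow the link.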

The Nigerian 419 scam, also known as advance fee fraud, the Nigerian scam and other names, is basically a confidence game where con artists contact victims by letter or (more commonly today) spam email with a story about a need to transfer money overseas or an opportunity to receive a great sum of money. You’ve probably received this type of scam in your own inbox at some stage (if not regularly) advising you that you won an Internet Lottery, that an inheritance is available to collect or that the exiled prince of the Sudan needs help transferring money out of the country.

The scam works when the con artist explains that some money is required up front from the victim to release the funds or to cover the cost to set up the transfer of funds. Sometimes, the con artists will actually send a check which the victim can deposit but then request that some money be sent to release the remaining amount. This causes some who might initially be skeptical to think that it must be legitimate. Of course, after sending the money to release the remaining amount, the victim realizes that the check they deposited bounced and they are out of pocket.

These scams have been in play since the early 1980s and work because they play to gullible people’s emotions, desperation and naiveté.

Because of the complexity of the scam, it is difficult to prosecute the scammers. Money is usually requested by wire transfer, which can’t be canceled or traced when sent internationally to some countries.

Today, a growing number of people (referred to as scam baiters) are taking the scammers on in vigilante fashion, trying to waste their time, cause them frustration and even send them on international wild goose chases in an attempt to discourage them from participating in the game and prevent them from victimizing others.

“…As it turns out, the scam-baiter demographic is more diverse than one might think, though much of the reasoning for participating is the same. “My initial reason for baiting was to give myself an outlet for the practical jokes that I am ‘too old’ to play on my dog/little sister/friends/neighbor’s cat,” a 32-year-old baiter who goes by blah told Ars. “But after I joined 419eater, I realized that we actually do make an impact on the entire scamming business by running interference and wasting these scammers’ time.”

The things baiters do to scammers range from “boring,” menial tasks like seeding false information or questionable wording into the scamming community (tasks that don’t necessarily bring the glory, but are equally necessary) to sending scammers on full-on safaris across Africa—or sometimes, the globe—in search of money that will never come. The baiters we spoke with said that they spend anywhere from an hour per day (usually arranged around other things, like TV or just casual Internet surfing) to a full 8 to 10 hours per day, especially if they are working on a collaborative safari…”

Of course, although some young con artists might be discouraged from continuing to run the scams after getting punk’d by a scam baiter, the practice will continue because, for others, there is a payoff. In 2006, a study found that these types of scams accounted for losses of over £150 million every year in the UK alone. Just last year, a woman in the United States was conned out of $400,000 when she was led to believe that her long-lost grandfather willed her a large sum of money.

We’ve all seen the Microsoft Global Lottery spam in our inboxes over the past couple of years. The Google brand has been used by email lottery scammers as well. Now, it appears that the Toyota brand has made the cut.

In a nutshell, the scam works like this:

  1. Pick a recognizable brand
  2. Send spam to millions of people using that trusted brand name which says that the recipient has won an email lottery
  3. Request money from recipients to release their prize
  4. Repeat

Amazingly, enough people are duped by this old scam that we continue to see these messages arrive in our inboxes each day.

Here’s the latest one, using the Toyota brand (Geez, they could have at least personalized it rather than sending it to ‘undisclosed-recipients’):

Toyota Email Lottery Spam