I don’t like Nigerian email scams for two reasons 1. they made me have heightened hope of receiving a lot of money if I helped them transfer some funds for a deceased bank customer who did not have next of kin, only for them to demand that I first send $500 as processing fees. Damn them, couldn’t they just deduct it from the $2.3 million that the deceased had in his account?
2. My cousin wasn’t as lucky (smart?). He received an email, believed it, and traveled home to convinced his father to sell three of his cows so that he could raise the Shs 40,000 that a beautiful woman wanted as registration fees for an HIV conference that was happening somewhere in the US. According to the email conversations he had received from the pretty lass, a certain NGO had organized a conference that she was required to attend, and she was allowed to attend with her boyfriend but sadly she didn’t have a boyfriend to attend with her…she wanted my cousin to accompany him. Although the conference organizers were to cater for the Air ticket, accommodation and meals, they couldn’t just afford to pay the $500 registration fees.
When I was asked to send $500 but before I heard of my cousin’s story and how he succumbed to the scam, I had asked a friend, “who can fall for these types of crap?” “Very few, very very few I guess”, my friend had answered.
To target the few, the Nigerians send the scam messages to everyone in hope that the very very few would show interest, lately on Facebook. If you have a Facebook account I bet you have received an inbox (if not yet check under Other in your Facebook message center) from this pretty girl who has seen your profile and she is interested in becoming your friend. To communicate with her further, she wants you to send her an email. Something common with them is they seem to only have a hotmail or a live.com account.
Facebook has been flagging them and deleting their accounts as soon as they create and use them to send the first few spam messages. To beat this, they have stopped giving out all the details in the first message but rather start by sending a simple “Hello” message e.g. “Hello, i like your profile, can i be your friend,”. A screen shot shared by a friend would do.
It seems that’s the best way to deal with them as Lilian never bothered to write back to him.
As you can see, targets have become smarter and it’s time a new mechanism was invented. The Nigerians have been shying away from using malware but since the social tricks are no longer effective, they now want to take over the control of your computer by use of malware sent to emails as attachments in a new cyber attack New York Times wants us to call Nigerian Swindle 2.0.
In the last three months, security researchers at Palo Alto Networks, the Silicon Valley-based security firm, have been tracking a series of cyberattacks affecting clients based in Taiwan and South Korea. The attacks, Palo Alto Networks said in a new report released on Tuesday, originate in Nigeria and are being orchestrated by some of the same people behind the Nigerian 419 swindle, in which fraud artists try to trick foreign victims into transferring money to their bank accounts.
Palo Alto says that it was able to determine that the attacks came from Nigeria because many of the attackers that the firm tracked did not conceal their IP addresses.
These emails include attachments that, once clicked, are laced with two malicious programs. One, which is called NetWire, can allow someone to remotely take control of an infected computer, whether it’s running Windows, Linux, or Mac OS X. The other program, called DataScrambler, aims to conceal NetWire’s existence from anti-malware scanners.
Is the new Nigerian cyber swindle effective? Yes, very effective. The attachments are likely to be concealed as a business promotional email. This is because the attackers are no longer targeting individuals to lure them into giving out their credit card details but are today targeting businesses.
Once you download the malware, the attacker will be able to take full control of your computer and be able to view all your files including accessing cookies stored in by your browser…some of the cookies being credit card information or bank log-in details.
- The evolution of these actors from low-level spammers to a growing threat to businesses that have not previously been their primary targets
- The tools they use, including commercial RATs such as NetWire that provide complete control over infected systems
- How to safeguard your business by decrypting and decoding command-and-control traffic to reveal potentially stolen data
As Digital Trends advises, it is important that you be very keen with emails you receive especially those containing attachments and external links. Even emails with these from your friend must be scrutinized before attachments are downloaded or links clicked. This I say because I have at least three friends whose email accounts have been hacked and nowadays they send me “promotional emails” basically with links directing me to a phishing website.
An example of a message containing links is given below:
Accounts has been trying to reach you…..
Your trust account has been granted $1,753.53
==> [Link removed]
Please handle this in the next 12 hours or your account will be terminated.
Thanks For The Order
Use the link below to review the transaction details:
==> [Link removed]
Date Received: 7/23/2014
Payment Expires in 16 Hours. Claim Below:
==>> [Link removed]
If you have any questions please contact me below:
Be warned, Nigerian cyber swindle has upgraded to version 2.0! And be ware of Netwire and DataScrambler…no, the Nigerians don’t create them but they lease them from online hackers for as low as $25.