An advance-fee scam is a form of fraud. The Federal Bureau of Investigation (FBI) states that "An advance fee scheme occurs when the victim pays money to someone in anticipation of receiving something of greater value - such as a loan, contract, investment, or gift - and then receives little or nothing in return."[3] There are many variations of this type of scam, including the Nigerian prince scam, also known as a 419 scam.
It is popularly known as "yahoo yahoo" in Nigeria. Although Nigeria is most often the nation referred to in these scams, they mainly originate in other nations. The modern scam is similar to the Spanish Prisoner scam that dates back to the late 18th century.[13][14] In that con, businessmen were contacted by an individual allegedly trying to smuggle someone who is connected to a wealthy family out of a prison in Spain.
One variant of the scam may date back to the 18th or 19th century, as a very similar letter, entitled "The Letter from Jerusalem". This is illustrated in the memoirs of Eugène François Vidocq, a former French criminal and private investigator.[16] Another variant of the scam, dating back to ca. The modern-day transnational scam can be traced back to Germany in 1922[18] and became popular during the 1980s.
There are many variants of the template letter. Other official-looking letters were sent from a writer who said he was a director of the state-owned Nigerian National Petroleum Corporation. He said he wanted to transfer $20 million to the recipient's bank account-money that was budgeted but was never spent. In exchange for transferring the funds out of Nigeria, the recipient would keep 30% of the total.
Many scammers tend to come from poorer and more-educated backgrounds, where Internet access and better education, along with inability to afford basic necessities, drive people into committing online fraud.
Read also: Atlanta Nigerian Passport Services
The sums involved are usually in the millions of dollars, and the investor is promised a large share, typically ten to fifty percent, in return for assisting the fraudster to retrieve or expatriate the money. The money could be in the form of gold bullion, gold dust, money in a bank account, blood diamonds, a series of cheques or bank drafts, and so on.
Once the victim's confidence has been gained, the scammer then introduces a delay or monetary hurdle that prevents the deal from occurring as planned, such as "To transmit the money, we need to bribe a bank official. Sometimes psychological pressure is added by claiming that the scammers' side, to pay certain fees, had to sell belongings and mortgage a house or by comparing the salary scale and living conditions in their country to those in the West.[26][34]
Much of the time, however, the needed psychological pressure is self-applied: once the victims have provided money toward the payoff, they feel they have a vested interest in seeing the "deal" through. The essential fact in all advance-fee fraud operations is that the promised money transfer to the victim never happens because the money does not exist.
During the course of many schemes, scammers ask victims to supply bank account information. Usually this is a "test" devised by the scammer to gauge the victim's gullibility;[9] the bank account information is not used directly by the scammer, because a fraudulent withdrawal from the account is more easily detected, reversed, and traced. Scammers instead usually request that payments be made using a wire transfer service like Western Union and MoneyGram.[48]
The reason given by the scammer usually relates to the speed at which the payment can be received and processed, allowing quick release of the supposed payoff. The real reason for using such money-sending services is that such wire transfers are irreversible and often untraceable. Telephone numbers used by scammers tend to come from burner phones. In Ivory Coast, a scammer may purchase an inexpensive mobile phone and a pre-paid SIM card without submitting any identifying information.
Read also: Experience Fad's Fine African Cuisine
Nigeria also contains many businesses that provide false documents used in scams. The "success rate" of the scammers is also hard to gauge, since they operate illegally and do not keep track of specific numbers. The success of advance fee crimes is based on the initial persuading of the victim.
In recent years, efforts have been made by governments, internet companies, and individuals to combat scammers involved in advance-fee fraud and 419 scams. A central element of advance-fee fraud is that the transaction from the victim to the scammer must be untraceable and irreversible. Wire transfers via Western Union and MoneyGram are ideal for this purpose.
International wire transfers cannot be cancelled or reversed, and the person receiving the money cannot be tracked. Other non-cancellable forms of payment include postal money orders and cashier's cheques, but wire transfer via Western Union or MoneyGram is more common.
Scammers can create as many accounts as they wish and often have several at a time. Facsimile machines are commonly used tools of business whenever a client requires a hard copy of a document. They can also be simulated using web services and made untraceable by the use of prepaid phones connected to mobile fax machines or by use of a public fax machine such as one owned by a document processing business like FedEx Office/Kinko's. Thus, scammers posing as business entities often use fax transmissions as an anonymous form of communication.
Abusing SMS bulk senders such as WASPs, scammers subscribe to these services using fraudulent registration details and paying either via cash or with stolen credit card details. They then send out masses of unsolicited SMS messages to victims stating they have won a competition, lottery, reward, or an event and that they have to contact somebody to claim their prize.
Read also: Philadelphia Food Truck
These messages may be sent over a weekend when the staff at the service providers are not working, enabling the scammer to be able to abuse the services for a whole weekend. Even when traceable, they give out long and winding procedures for procuring the reward (real or unreal) and that too with the impending huge cost of transportation and tax or duty charges.
On calling the number, the victim is first reassured that 'they are a winner' and then subjected to a long series of instructions on how to collect their 'winnings'. During the message, there will be frequent instructions to 'ring back in the event of problems'. The call is always 'cut off' just before the victim has the chance to note all the details.
Some victims call back multiple times in an effort to collect all the details. Many scams use telephone calls to convince the victim that the person on the other end of the deal is a real, truthful person. The scammer, possibly impersonating a person of a nationality or gender other than their own, would arouse suspicion by telephoning the victim.
In these cases, scammers use TRS, a US federally funded relay service where an operator or a text/speech translation program acts as an intermediary between someone using an ordinary telephone and a deaf caller using TDD or other teleprinter device. The scammer may claim they are deaf, and that they must use a relay service.
FCC regulations and confidentiality laws require operators to relay calls verbatim and adhere to a strict code of confidentiality and ethics. Thus, no relay operator may judge the legality and legitimacy of a relay call and must relay it without interference. This means the relay operator may not warn victims, even when they suspect the call is a scam.
Tracking phone-based relay services is relatively easy, so scammers tend to prefer Internet Protocol-based relay services such as IP Relay. TRS is sometimes used to relay credit card information to make a fraudulent purchase with a stolen credit card.
Sometimes, victims are invited to a country to meet government officials, an associate of the scammer, or the scammer themselves. Some victims who travel are instead held for ransom. Sometimes victims are ransomed, kidnapped, or murdered. There are many variations on the most common stories, and also many variations on the way the scam works.
Some of the more commonly seen variants involve employment scams, lottery scams, online sales and rentals, and romance scams. This article cannot list every known and future type of advanced fee fraud or 419 scheme; only some major types are described.
Common Variants of Advance-Fee Scams
Let's examine some common variations of advance-fee scams:
Employment Scams
This scam targets people who have posted their résumés on job sites. The scammer sends a letter with a falsified company logo. The job offer usually indicates exceptional salary and benefits, and requests that the victim needs a "work permit" for working in the country, and includes the address of a (fake) "government official" to contact.
The "government official" then proceeds to fleece the victim by extracting fees from the unsuspecting user for the work permit and other fees. Many[quantify] legitimate (or at least fully registered) companies work on a similar basis, using this method as their primary source of earnings. Some modelling and escort agencies tell applicants that they have a number of clients lined up, but that they require some sort of prior "registration fee", usually paid in by an untraceable method, e.g.
The scammer contacts the victim to interest them in a "work-from-home" opportunity, or asks them to cash a cheque or money order that for some reason cannot be redeemed locally. In one cover story, the perpetrator of the scam wishes the victim to work as a "mystery shopper", evaluating the service provided by MoneyGram or Western Union locations within major retailers such as Wal-Mart.[64] The scammer sends the victim a forged or stolen cheque or money order as described above, the victim deposits it-banks will often credit an account with the value of a cheque not obviously false- and sends the money to the scammer via wire transfer.
Later the cheque is not honoured ("bounces") and the bank debits the victim's account. More sophisticated scams advertise jobs with real companies and offer lucrative salaries and conditions with the fraudsters pretending to be recruitment agents. A bogus telephone or online interview may take place and after some time the applicant is informed that the job is theirs. To secure the job they are instructed to send money for their work visa or travel costs to the agent, or to a bogus travel agent who works on the scammer's behalf.
No matter what the variation, they always involve the job seeker sending them or their agent money, credit card or bank account details.[65] A newer form of employment scam has arisen in which users are sent a bogus job offer but are not asked to give financial information.
Another form of employment scam involves making people attend a fake "interview" where they are told the benefits of the company. The attendees are then made to assist to a conference where a scammer will use elaborate manipulation techniques to convince the attendees to purchase products, in a similar manner to the catalog merchant business model, as a hiring requisite. Quite often, the company lacks any form of the physical catalog to help them sell products (e.g. jewelry).
When "given" the job, the individual is then asked to promote the scam job offer on their own.
Lottery Scams
The lottery scam involves fake notices of lottery wins, although the intended victim has not entered the lottery. The "winner" is usually asked to send sensitive information such as name, residential address, occupation/position, lottery number etc. In addition to harvesting this information, the scammer then notifies the victim that releasing the funds requires some small fee (insurance, registration, or shipping).
The fake cheque technique described above is also used. Fake or stolen cheque, representing a part payment of the winnings, being sent; then a fee, smaller than the amount received, is requested. Typical lottery scams address the person as some variation of Lucky Winner.
Online Sales and Rentals
Many scams involve the purchase of goods and services via classified advertisements, especially on sites like Craigslist, eBay, or Gumtree. They will typically then send a fake cheque written for an amount greater than the asking price, asking the seller to send the difference to an alternate address, usually by money order or Western Union.
They offer to pay the airfare of the participants, but not the hotel accommodations. Sometimes, an inexpensive rental property is advertised by a fake landlord, who is typically out of state (or the country) and asking for the rent and/or deposit to be wired to them.[73] Or the con artist finds a property, pretends to be the owner, lists it online, and communicates with the would-be renter to make a cash deposit.[74]
The scammer may also be the renter as well, in which case they pretend to be a foreign student and contact a landlord seeking accommodation. They usually state they are not yet in the country and wish to secure accommodations prior to arriving.
Pet Scams
The pet may either be advertised as being for-sale or up for adoption. Typically, the pet is advertised on online advertising pages complete with photographs taken from various sources such as real advertisements, blogs or wherever else an image can be stolen. By determining the location of the victim, the scammer ensures he is far enough from the victim so as to not allow the buyer to physically view the pet.
Should the scammer be questioned, as the advertisement claimed a location initially, the scammer will claim work circumstances having forced him to relocate. Upon the victim deciding to adopt or purchase the pet, a courier has to be used which is in reality part of the scam. If this is for an adopted pet, typically the victim is expected to pay some fee such as insurance, food or shipping.
Numerous problems are encountered in the courier phase of the scam. The crate may be said to be too small, and the victim has the option of either purchasing a crate with air conditioning or renting one while also paying a deposit, typically called a caution or cautionary fee. The victim may also have to pay for insurance if such fees have not been paid yet. Additionally, the victim may be asked to pay for a health certificate needed to transport the pet, and for kennel fees during the recuperation period. The further the scam progresses, the more similar the fictitious fees are to those of typical 419 scams.
Romance Scams
One of the variants is the Romance Scam, a money-for-romance angle.[79] The con artist approaches the victim on an online dating service, an instant messenger, or a social networking site. An extreme example of this is the case of a 67-year-old Australian woman, Jette Jacobs. In 2013, she traveled to South Africa to supposedly marry her scammer, Jesse Orowo Omokoh, 28, after having sent more than $90,000 to him over a three-year period.[83] Her body was discovered on February 9, 2013, under...
But as they became more popular and more people lost their life savings, awareness grew until they are now the subject of many popular memes. So surely no one is continuing to fall for these scams decades later, right? Unfortunately, that doesn’t appear to be the case. While it feels that these are old news, we can surmise that these attacks are still being sent because they work-people continue to fall for them at a rapid enough pace that they are still worth the effort put into them.
And making matters worse? Now they’re using generative AI to create them.
Greetings from Nigeria
These attacks rely on common social engineering tactics like urgency and human decency, preying on the empathy of the recipient and their willingness to help in an emergency. In this attack, the sender states that his mother was the former Minister of Petroleum from 2010-2015 under the Administration of President Goodluck Ebele Johnathan. He goes on to say that he has $250M he wants to invest in the firm. Obviously, the recipient will be “greatly rewarded” for their efforts.
The Evolution of the Scam: From Nigerian Royalty to Global Government
Unfortunately, it is no longer only Nigerian royalty that are being impersonated. Some of them remain closely related to the traditional scam, speaking of dead relatives with large inheritances. That said, there has also been a shift in tactics. Whereas the traditional Nigerian Prince schemes spoke only of personal gain, some of these newer versions are related to business transactions, including this one from The Ministry of Defence of Ukraine.
This attack asks the recipient to deposit $50M in exchange for 10% of the money, in a “100% risk free” business transaction. This is an evolution of the traditional 419 scam, now referencing business transactions rather than personal ones.
The Shift from Human Prince to Generative AI
Unfortunately, as the average person becomes more aware of these schemes, cybercriminals continue to find ways to outsmart them. Spelling mistakes and grammatical errors have long been characteristics of an attack, making them easy to spot even if they did land in the inbox. It’s clear that at least one threat actor is testing their luck with it, evidenced by these two attacks we’ve found. While they are using different sending addresses, they both have the “John Albert” display name and the same reply-to address.
As a result, they are refining their scams, using similar tactics but different themes to target personal and business accounts alike. As these examples show, the Nigerian Prince scam is far from over and is instead rapidly evolving. As a result, organizations must be prepared to stop them before they reach the inbox. Unfortunately, we can’t rely on humans not to fall for these schemes, as the millions lost to them each year can attest.
To discover more about how Abnormal detects these attacks, request a demo today.
