Kaspersky researchers uncovered more than 414,000 email scams known as “Nigerian scams” in 2024. These scams were based on sending messages with attractive financial promises, with the aim of convincing victims to enter into email correspondence that was then used to defraud them. Recent scams include impersonating wealthy businessmen who claim to be interested in investing, as well as scammers claiming to represent the Illuminati, a secret organization with roots in the Enlightenment.
Nigerian email scams:
These scams are a form of advance payment scams, where scammers promise victims large sums of money, attractive investment opportunities, or exclusive privileges, but they require an advance payment, often claimed to be a closing fee, legal costs, or travel expenses.
The original “Nigerian” scams were sent in the names of influential and wealthy individuals from Nigeria, hence the name. Over time, these scams have evolved, with cybercriminals exploiting current events and trending topics to attract their victims’ attention.
The advance payment scams uncovered by Kaspersky in 2024 included both traditional examples, such as messages from wealthy people claiming to be ill, and more unconventional methods.
Some scams were sophisticated; for example, they might involve offers to be friends, where the victim and scammer meet and communicate online, but when the victim is ready to meet, the scammer tells them that they need financial help because they cannot afford a plane ticket or visa.
In a different scenario, the scammer claims to want to send the victim an expensive gift, but asks the victim to cover the shipping costs because they cannot afford to send it by mail.
An unusual example is a phishing email purporting to be from the secret society of the Illuminati, in which the scammers claim they are willing to share their wealth and power if the recipient agrees to join them.
In another scam uncovered by the Kaspersky team, an email purported to be from a European lottery manager, but its content was almost empty. Details of the “win” were included in an attached PDF file, and the user was asked to enter their name, address, phone number, and even their job title to claim the prize.
Some of the scams also reference recent or ongoing events, such as the COVID-19 pandemic or the possibility of Saudi Arabia joining the BRICS group, and claim that recipients are entitled to receive money as a result of these developments. The scammers also exploited events related to the United States in 2024. For example, referring to the presidential election, they claimed that recipients of these emails would win millions of dollars from the Donald Trump Foundation.
In other cases, to boost the credibility of their emails, scammers have attached images of documents that supposedly prove the sender’s identity.
While most advance payment scams target individuals, similar scams have been seen in the B2B sector. Cybercriminals claim to be looking for companies to invest in, implying that the recipient’s company is a potential target for investment. To arrange a “partnership,” they ask the recipient to respond to the email.
“The so-called ‘Nigerian’ scam has been around for years and is one of the most diverse forms of cyber fraud,” notes Anna Lazarisheva, Kaspersky’s spam analyst. “Scammers can impersonate real or fictitious people, such as bankers, lawyers, executives, or even high-ranking officials, and come up with elaborate stories to manipulate their victims. These scams do not rely on malicious links or attachments, as is the case with some email-based cyberattacks; rather, they rely entirely on social engineering, where long-term conversations are held to build trust and legitimacy. What makes these methods different from fraud and makes them so dangerous is their flexibility; fraudsters are constantly evolving them, exploiting global events and popular news to lend credibility to what they offer. We can expect these fraud methods to evolve in the future to become more sophisticated and perhaps more difficult to detect. This emphasizes the need to raise awareness and develop digital literacy to recognize and confront these manipulative tactics.”
What can you do to protect yourself from fraudulent messages?
To protect yourself from email scams, follow these recommendations:
- Be wary of emails that claim to be from known people. It is best not to respond at all to messages from untrusted senders.
- If for some reason you can’t avoid communicating with an unknown person, check the credibility of the information provided before responding. Pay attention to inconsistencies, grammatical errors, a reply address that differs from the sender’s, or a different address in the body of the email, as any of these may indicate a possible scam.
- If you receive a message from someone you know, but the content of the message seems strange, it is best to contact the sender via an alternative means of communication, to verify that they are the real sender of the message.
- Use tried and trusted security solutions when browsing the web; these solutions can identify and block spam and phishing campaigns.
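
The reply-address and body-address checks from the recommendations above can be automated when triaging a mailbox. The following Python code is an added example, not Kaspersky's code; the function names, finding labels and the sample message are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

ADDR_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

def header_addresses(msg, name):
    """Lower-cased addresses found in every occurrence of one header."""
    return {a.lower() for _, a in getaddresses(msg.get_all(name, [])) if a}

def plain_text_body(msg):
    """Concatenate the decoded text/plain parts of the message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() != "text/plain":
            continue
        data = part.get_payload(decode=True) or b""
        try:
            chunks.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
        except LookupError:  # unknown charset label in the message
            chunks.append(data.decode("utf-8", "replace"))
    return "\n".join(chunks)

def address_mismatches(raw_message):
    """Return (finding, address) pairs for addresses that differ from From."""
    msg = message_from_string(raw_message)
    sender = header_addresses(msg, "From")
    reply_to = header_addresses(msg, "Reply-To")
    # A reply address that is not the sender's address.
    findings = [("reply-to-differs", a) for a in sorted(reply_to - sender)]
    # A contact address in the body that matches neither header.
    in_body = {a.lower() for a in ADDR_RE.findall(plain_text_body(msg))}
    findings += [("body-address-differs", a) for a in sorted(in_body - sender - reply_to)]
    return findings

# Constructed sample message (not a real email); all names are hypothetical.
SAMPLE = """\
From: "Mr. John Example" <director@bank.example>
Reply-To: j.example.private@mailbox.example
Subject: Investment proposal
Content-Type: text/plain; charset="utf-8"

Dear friend, I wish to invest in your company.
Kindly write to me at claims.office@webmail.example for the details.
"""

if __name__ == "__main__":
    for finding in address_mismatches(SAMPLE):
        print(finding)
```

A mismatch is a reason to look closer, not proof of fraud: mailing lists and helpdesk systems legitimately set a different reply address.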