Another day, another spam email drops into my inbox, somehow working its way around the Windows Live spam filter that does such a good job of protecting my eyes from all of the other unsolicited bobbins. Naturally, the message comes from a Nigerian citizen, a legal representative of a deposed prince who would like to pay me to hide some ill-gotten gains in my bank account. It’s a hugely generous offer, enough to make me think twice about the morality of saying yes.
The problem, of course is that it’s a Nigerian scam email – a scam that has been going on for years now, in slightly different forms with the occasional change of details. In fact the advance-fee fraud has been running for so long that I find it incredible that anyone would possibly be taken in by it.
I’ve been working IT and online security since 2004 and I know that there are people for whom the idea of using a computer is like learning a foreign language – remote, confusing and useless. I’ve seen the minds of intelligent people (consultant psychologists, professors of medicine) turn to jelly the moment a request to click the Start button in Windows is uttered.
Therefore I am well aware that people will click anything with a blue line under it, whether in an email or a webpage. My problem with the whole Nigerian Scam Email phenomenon is this – as the most famous scam in the digital age, reported on news programs, consumer rights shows and even in magazines, how can it continue to pay off for the perpetrators?
Perpetrating Identity Theft
It is of course a classic phishing ruse, divulging access to your bank account or leaving enough information for the scammers to steal your identity.
These emails typically require (and I quote):
- Your banker’s name, telephone, account and fax numbers.
- Your private telephone and fax numbers – for confidentiality and easy communication.
- Your letter-headed paper stamped and signed.
For years I’ve been telling users that any email requesting personal information should be reported and deleted. The problem I have is that with spam email systems as good as they currently are (and to let Windows Live off the hook, a quick browse through my Junk folder reveals several others, one addressed to me by surname!) it seems unlikely – to me – that the scammers would continue to use this same method repeatedly. So why are they doing it?
Is There More to the “Nigerian Scam Emails”?
Recently it was suggested to me that there could be something more to these emails that goes way beyond seemingly hilarious attempts at scamming money.
Another reason why I’m becoming increasingly doubtful about the true nature of these emails is the way in which they are presented. Would an online criminal targeting their emails at everyone who speaks English do so with a document littered with spelling mistakes – particularly when purporting to originate from an official source?
There are many ways in which the creators of these messages could have them checked over for grammatical errors and formatting. Services exist online that use automated solutions or living, breathing people to check these details; freelancing marketplaces are regularly visited by coders happy to clone a website and “article rewriters” so I find it hard to imagine there would be much difficulty in finding someone willing to revise the message and keep quiet.
So what is really going on? Could these messages be something more? Is it – and forgive me for going all James Bond – a secret message, disseminated in bulk so as to find the correct recipient regardless of the email address he or she is using?
It might sound a little far-fetched, but then so is the notion that people still fall for the scam. Back in the Cold War days and before, spies would use all manner of tricks to communicate with their contacts, from the arrangement of fallen twigs in a park to highlighting text with an invisible solution that only the contact could activate.
With this in mind, the Nigerian scam emails suddenly seem far more dangerous, don’t they? Could a terrorist organization be communicating with a cell? Are the messages sent by a foreign government to undercover agents in the UK or North America?
Do People Really Fall for These Scams?
Whether these emails are part of a conspiracy that is far more sinister than theft or are simply vestiges of an era when online security was something that mattered to other people, the fact remains that they are still being sent.
Someone, somewhere, is expecting a return of some sort – and meanwhile we’re all expected to get behind western governments who are more interested in Internet censorship under the guise of protecting copyright (of course that’s a whole other discussion). Wouldn’t all this effort be better spent fostering a safer online environment for regular users, educating them about reasonable and legal use of the web and dealing with the issue of online fraud rather than pandering to big business?
Of course it would. But whatever the truth is about the Nigerian Spam Emails, they’re still dropping into inboxes and junk folders, encouraging identity theft and possibly carrying a bit more information than is obvious to the untrained eye.
So what do you think – scam or spy?