What can we do about scam emails?
Did you hear about the Nigerian astronaut who needed $3 million to come back to earth? He’s been living in a secret Soviet space station since 1990.
Scam emails can be amusing. Most of us will be familiar with the unbelievable propositions of untold wealth. Typically a Nigerian royal needs to deposit a few million in your bank account for some unlikely reason, but first they need a few thousand pounds to help broker the deal. They have become known as 419 scams after the section of the Nigerian Criminal Code Act that refers to internet fraud, because such a proportion of the emails originate in the African country.
The implausibility of the stories, the poor spelling and grammar, the fact that 99% seem to emanate from Nigeria, it makes you wonder; who falls for it?
According to the Office of National Statistics there were 3.2 million online fraud offences in the UK last year.
The Office for National Statistics reported that almost two million people in the UK were the victim of online fraud in 2015. The US are getting serious about scam emails, arresting 74 people including 30 in Nigeria.
Scam emails are the latest incarnation of confidence tricks, where a victim is defrauded by fraudsters gaining their trust. Typically they are advance-fee frauds, where a victim is promised a reward in exchange for a small upfront payment, but in other cases scammers will use this trust try to gain access to money themselves.
Three shades of scam
There are three main types of scam email:
- Spoofing or phishing emails
Spoofing or phishing emails are emails that pretend to be from somebody else, such as a friend, bank or other service provider. While they might ask for money or particular access upfront, they are more likely to ask you to “confirm your account”, “login”, or “create a new password” using malicious links. This could lead to them stealing your money and/or identity.
2. Bogus offers
Bogus offers of goods or services that will not or cannot be provided. Beware of cheap gold, pyramid schemes or cheap real estate. If it sounds too good to be true, it probably is.
3. Requests for ‘help’
This scam has been around for hundreds of years and has been known as the Prisoner scam. Fraudsters pretend to be in contact with a wealthy person imprisoned under false identity. This person is relying on them to raise funds for their release, when they will be compensated for their actions. Victims are fooled into thinking that by helping the fraudsters supply the convict with money they will receive a generous cut of the return when they are released.
Other requests for help could include romance scams, where relationships are built before they ask the victim for money. This money is asked for for a number of reasons, whether it is family problems, theft, passport, beaten up, medical bills or costs of travel.
‘Elizabeth’ appeared on Good Morning Britain to talk about how she was defrauded of £20,000 by a Nigerian gang who targeted her through romantic communications.
- Filter spam
Frequently spam emails are also scam emails. Email providers have sophisticated spam filters that can weed out a lot of the junk that might otherwise confuse you. Make use of spam filters and pay attention when your email service provider warns you about potentially unsafe communications.
2. Be skeptical about unsolicited emails
Any email from somebody you haven’t previously communicated with should be viewed with suspicion, regardless of who they say they are.
Scammers have become experts at trying to fool people. They will frequently format their emails or disguise their email addresses in order to scam. Don’t take these emails at face value.
3. Treat attachments with caution
Only open email attachments if they are referred to in the email and you know what they are, and be sure to scan files with antivirus to ensure the files don’t infect your computer. Look for unusual file extensions and be particularly careful with .exe and .zip files.
4. Don’t click on suspicious links
Links can be disguised to look fairly legitimate, but could give scammers access to your emails, computer hard drive, internet history and even login information.
Why are scam emails so obvious?
Although people do get tricked by these scams, most of the time the emails are very obvious, prompting many to ask why. Why are the emails so badly written? Why are they often open about being from Nigeria despite its reputation? Why are the communications badly written and implausible?
A Microsoft report by Principal Researcher Cormac Herley asked why scammers admit they are from Nigeria in their emails, considering that most of us will be particularly vigilant with communications from Nigeria due to its terrible reputation for scam emails.
The report suggests that scammers could deliberately make scam emails relatively unconvincing in order to minimise the number of “false positives” — people who may respond to the communication but who are not gullible enough to be conned. By making these emails so unconvincing they are allowing particularly gullible people to identify themselves by responding.
Getting your own back
The 419 Eater website is devoted to ‘scambaiting’, the practice of wasting scammers’ time and resources by going along with a scam without any intention of handing over personal details or money.
Comedian Joel Veitch replies to scam emails enthusiastically, with some hilarious results.
Of course I don’t recommend wasting your time trying to waste scammers’ time. Find out more about avoiding and reporting suspicious emails on gov.uk.