What happens when you start discussing with an email scammer?


On August 11th 2015, I received the following email from a certain Thamra A., whom I did not know:

From Thamra
I am currently overseas with a friend and a serious accident happened, I need your help right away, answer me as soon as you get this message.
I cannot be reached by phone.
Thamra

(emails were translated from french)

You can probably see it coming from miles away: this is a scam. A scam is a spam with the purpose of stealing your money, usually asking you to send money with Western Union, use your account to transfer money abroad, or pay to receive your lottery winnings… We all receive a dozen of them every month. But this one was different. It was really short, and it did not contain spelling mistakes like they usually do.


Funny story: do you know why scam usually have so many spelling mistakes? You probably thought to yourself: there are so many errors, it looks fake, if they put a little effort into it, they might be more efficient. Actually, it wouldn’t, and there is a surprising mathematical truth behind it.

Let’s say you are a scammer and you emailed 1000 people with the same email, written in a perfect english. Statistics shows that 20% of people will answer. Then, you need to answer manually to those 200 people, and it usually won’t work because those “educated” persons will spot the scam after a few email exchanges. Now, email 1000 people with a text full of errors. Less people will answer (let’s say 2%), but those people will be easier targets, and you only need to manually “work” on 20 people.
You can find the whole study online with the exact statistics! You can also read this really interesting Quora thread.

There are other reasons as well. It can serve the purpose of the story, when a Nigerian for example wants to give you his fortune (Nigerian with a bad english seems reasonable enough). It can also help pass through spam filters that can’t recognized specific words. Finally, some people think that it can make the victim thinks that the scammer is not well educated and can be tricked.


Back to our story. While reading this email, I suddenly was very curious to know what would happen if I answered. So I used my worse french possible (to look weak), making a lot of mistakes, and answered:

From me
Oh my god how can I help????
From Thamra
Bastien,
I just read your message, and I want to inform you of a sad truth, there have been an accident on the road during my trip to Morocco with an old friend.
There is nothing serious but my friend is in a critical state I am very worried, I would like that you lend me 100€ I need prepaid PCS Mastercard, you can buy these PCS card in a convenient store I need cards of 100€ or 150€ for a total of 1000€ next you need to send me the codes.
I hope you will be able to do it quickly keep me posted.
Thamra

Note: the absence of punctuation also appeared in the text. I did not translate the spelling mistakes however, as it would not make sense from french to english.

I played my part, and answered:

From me
I understand, I only have 500€ is it enough?
From Thamra
Yes give me the codes when you have the cards.
From me
I can only do it next week is it still useful?
From Thamra
I need them very quickly to recharge my credit card please do your best to get those PCS cards right away if possible.

At this point, I decided to read through the email exchange to think about my next move. To do so, I typed the name (Thamra) into my email client search box, and looked at the first email I received from her. And HOLY SH*T, she contacted me before! A month prior to this discussion, she sent her résumé to get a job in the company I work for. I did not understand what was going on... I discussed the matter with a friend who helped me understand. Thamra (the real one) probably got her Yahoo email account hacked, and the fake Thamra was smart enough to email people she has been discussing with lately (or maybe her entire contact book). It makes sense: if I am in her email history or contact book, I probably know her and would be willing to help her.

I decided to reach out to the real Thamra (by text message) to warn her. Here is her answer:

From the real Thamra
I know, I am sorry for the inconvenience. Thanks for warning me.

The situation was pretty clear then: someone stole the account of Thamra, probably changed her password, and used her address to contact and steal from the people she knows. It felt really weird to imagine this person I was talking to. It was probably a man actually!

I decided to move to the next step, and try to get the fake Thamra to give me some more information.

From me
OK I will do my best. I don’t understand why me? How did you get my email?

I truly had no idea how he was going to answer to this. I was expecting him to give up. But he sent me this 24 hours later:

From (fake) Thamra
Do you get my messages? I currently have some trouble answer me quickly.

Nice trick I can give him that!

From me
Yes yes I can receive them, I just got a card, which number do I need to send? There are many numbers.

At this point, I just wanted to mess with him :)

From (fake) Thamra
You need to scratch the card and give me the code.
From me
I think it is 5304 4600 1543 1652.
From (fake) Thamra
No it is not the right code, instead send me a copy of the card.
From me
Give me a fax number so I can fax it.
From (fake) Thamra
Impossible, take a picture of the card you bought and send me a copy to check.

At that moment, I was truly surprised by the effort this person put in to get me. Well, he probably thinks there are 500€ are stake, so it is understandable. How many people was he talking to simultaneously? I really wanted to reveal myself, send a big “GOTCHA” and try to get to know him and understand how it all works. The only problem was: what if he gets angry, and decides to get back at me? He has my email address, he can get my name easily, my phone number is available online… I decided to continue the experiment, but to keep a safe way out. In this case it would mean going all in, either he calls my bluff and keep discussing, or he gives up, thinking I won’t bite and we stay good friends :)

From me
I don’t understand I just saw pictures of your holidays on Facebook, you were in Holland, not Morocco. Did you have a change of location during your holiday?

How far was he going to go? How long can we discuss like this? Actually this was as far as he would go. It has been three weeks and I did not receive any other email. Game is over!