OSINT Analysis of a Real Fraudulent Email

By Golden Owl. Published in CyberScribers, Feb 12, 2024 (6 min read).

In an era where digital communication has become a cornerstone of our daily lives, email stands out as a prime channel for both legitimate correspondence and, unfortunately, fraudulent schemes. These scams often exploit a fundamental aspect of human nature: greed. “Too good to be true” offers are meticulously designed to trigger emotional responses by playing on the desire for quick gains.

A real example of such a message promises a large inheritance from a Mrs. Maria Crasmaru, who claims to be from Romania and to be seeking a trustworthy individual to donate her late husband’s wealth to charity. This scenario, while emotionally compelling, is rife with red flags that can be exposed through OSINT methods.

The Importance of Reasonableness

Before diving into the technical aspects of OSINT, it is important to address the reasonableness of the email’s narrative. Why would someone make such a grand offer to an unknown person? The answer lies in understanding that scammers leverage the element of surprise and the appeal of altruism to ensnare their targets. Realistically, there are legal and official channels for such matters that do not involve random emails to strangers. This lack of reasonableness is the first indicator that the offer is likely a scam.

The Psychology & Goals Behind the Scam

Fraudulent emails, like the one from Mrs. Maria Crasmaru, are engineered to cloud judgment by engaging the emotional center of the brain, often causing the logical part to take a backseat. This manipulation is why people, despite obvious red flags, may still engage with the email.

The ultimate objective of the scam encapsulated in emails like the one from “Mrs. Maria Crasmaru” isn’t always immediately apparent. While phishing or the outright theft of personal data is common, another insidious goal often lurks beneath the surface. These scammers artfully build a narrative to gain your trust and appeal to your altruistic impulses, suggesting that a significant sum of money is within your reach. However, before this bounty can be released, they claim that minor legal or banking fees need to be covered. It’s here that the true scam unfolds. They’re not after a grand payout; their aim is to accumulate many small amounts of money from individuals willing to risk what seems like a negligible sum, perhaps $100 to $500, in the hope of receiving a million. This strategy relies on volume — even small amounts from a large number of people can add up to a substantial sum for the fraudsters.

Recognizing the Red Flags

To shield oneself from the sophisticated traps of scams, one must be both alert and informed about their typical traits. Here’s what to look out for:

  • Unsolicited Offers: Be skeptical of emails that land in your inbox uninvited, promising significant wealth or irresistible deals, especially when you have had no previous interactions that would warrant such offers.
  • Pressure Tactics: Scammers frequently create a false sense of urgency, insisting that you must act quickly. This pressure to act fast is a deliberate strategy to push you into making decisions without due diligence.
  • Too Good To Be True: If an offer seems outlandish, promising high returns for little to no input, it’s a signal that it’s likely a sham. Real opportunities of value generally require an investment of time, effort, or resources.
  • Request for Personal Information: Genuine entities conduct due diligence and have secure protocols for requesting personal data. An unsolicited email asking for such information is a red flag for a scam.
  • Poor Spelling and Grammar: Professional organizations pride themselves on clear and correct communication. Numerous errors in an email suggest it’s not from a legitimate source.
  • Suspicious Links or Attachments: These are common methods for distributing malware or spyware. A legitimate sender with a legitimate offer will not require you to download unknown or unsolicited files.
  • Incoherence and Inconsistencies: Pay attention to the story being told. Does it make sense? Would a person with a vast estate not have a lawyer or an official executor for their will? Discrepancies between the story, the supposed wealth, and the means of contact often reveal the scam’s nature.

By remaining vigilant and scrutinizing the details, you can often spot and avoid falling prey to these fraudulent schemes. Always approach such emails with a critical eye, and when in doubt, err on the side of caution.

OSINT: Why?

Open Source Intelligence (OSINT) offers a broad spectrum of possibilities for investigating and verifying the authenticity of potentially fraudulent emails. Among these, Social Media Corroboration plays a crucial role; scammers frequently construct false identities that exhibit minimal to no presence on social media platforms. An OSINT inquiry into the social media landscape using the name and details provided in such emails often fails to produce relevant results or uncovers inconsistencies that cast doubt on the email’s legitimacy. Additionally, the Reverse Search of Provided Details is an invaluable OSINT technique that involves cross-referencing names, locations, and events mentioned within the suspicious email against available public records and databases. This method helps in identifying mismatches between the email’s content and verifiable facts, significantly bolstering the evidence that an email may be part of a scam operation. Together, these OSINT strategies empower individuals and organizations to critically assess and potentially uncover the fraudulent nature of suspicious emails, thereby enhancing digital security and awareness.

Superficial OSINT Analysis

In cases where the fraudulent nature of an email seems evident from a logical standpoint, a superficial OSINT analysis can still be enlightening and serve as a valuable exercise in due diligence:

  1. Domain Analysis Limitations: While a domain check is a standard OSINT practice, it loses its relevance when the sender uses a widely recognized email service like Gmail. Scammers often use such services to appear more trustworthy and to bypass domain-based scrutiny.
  2. Email Address Reputation: Despite the use of a common email service, the sender’s email address can still be scrutinized against spam and abuse lists. These databases may reveal a history of the email being reported for suspicious activity, adding to the evidence against the sender’s credibility.
  3. Name Inconsistency and Commonality: A notable red flag in this case is the discrepancy between the writer’s name and the sender’s name, which suggests deceit. Furthermore, the writer’s name is relatively common, which could be a tactic to evade personal identification and verification. A search for the name may yield numerous unrelated results, making it difficult to associate it with any legitimate personal or professional background.

A deeper investigation reveals more details for digital forensics; however, for cautionary purposes, a superficial analysis is often sufficient.
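Steps 1 and 3 of the superficial analysis can be run offline against the raw message, as in this added example (not code from the original article). The sample message, the header name "John Example", the address, the freemail list and the sign-off pattern are all constructed assumptions; step 2 is left out because it needs a live reputation service.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not the real email); header name and address are placeholders.
SAMPLE = """\
From: John Example <sender-placeholder@gmail.com>
Subject: Donation for charity

Dear Beloved,

I want to donate my late husband's wealth to charity through you.

Yours sincerely,
Mrs. Maria Crasmaru
"""

# Assumption: short illustrative lists, not exhaustive.
FREEMAIL = {"gmail.com", "outlook.com", "hotmail.com", "yahoo.com"}
TITLES = {"mr", "mrs", "ms", "miss", "dr", "sir"}
SIGN_OFF = re.compile(r"^(yours|sincerely|regards|best|kind|warm)\b", re.I)

def name_tokens(name):
    """Lower-case word tokens of a personal name, honorifics removed."""
    return {t for t in re.findall(r"[^\W\d_]+", name.lower()) if t not in TITLES}

def signature_name(body):
    """Return the non-empty line that follows the last sign-off line, or ''."""
    lines = [l.strip() for l in body.splitlines() if l.strip()]
    for i in range(len(lines) - 2, -1, -1):
        if SIGN_OFF.match(lines[i]):
            return lines[i + 1]
    return ""

def triage(raw):
    """Collect the offline findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    signed = signature_name(msg.get_payload())
    # Step 3: the header name and the signed name share no name token.
    mismatch = bool(display and signed) and not (name_tokens(display) & name_tokens(signed))
    return {
        "sender_address": addr,
        "display_name": display,
        "signed_as": signed,
        # Step 1: on a shared webmail domain, a domain lookup says nothing about the sender.
        "freemail_domain": domain in FREEMAIL,
        "name_mismatch": mismatch,
    }
```

For the constructed sample, `triage(SAMPLE)` reports a freemail domain and a mismatch between the header name and the name the message is signed with.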

Reporting to Authorities

If an email fails the OSINT authenticity check, it is crucial to take action by reporting it:

  • Report to Email Service Providers: Most email services, including Google, offer options for reporting spam and phishing attempts. This can usually be done directly within the email interface by selecting the appropriate option (e.g., marking as spam or reporting phishing). For Google and Gmail users, you can report phishing by clicking on the three dots next to the reply button in an email and selecting “Report phishing.” This feedback is invaluable for improving their algorithms to better identify and filter out scams in the future.
  • Report to Google: If the fraudulent activity involves Google services (like Gmail), apart from using the in-email reporting feature, you can also use Google’s official reporting tools available on their support website. This includes reporting phishing emails that attempt to impersonate Google or misuse Google services.
  • Notify Relevant Authorities: Many countries have established official channels for reporting internet fraud, such as cybercrime units or national fraud reporting centers. Reporting to these authorities can assist in the tracking, investigation, and potential shutdown of scam operations. This step is vital for broader efforts to combat online fraud and protect others from falling victim to similar scams.

By reporting suspicious emails to both your email service provider and relevant authorities, you contribute to a safer online environment for everyone.

Conclusion

The case of the email from “Mrs. Maria Crasmaru” serves as a cautionary tale about the necessity of critical thinking and the use of OSINT for verification. In a world where digital deception is rampant, OSINT stands as a beacon of defense, enabling individuals to discern fact from fiction effectively. Always approach unsolicited offers with skepticism, and remember that if it doesn’t seem reasonable, it’s likely not true. Use the tools at your disposal to protect yourself and others from the predatory tactics of scammers.

In conclusion, Golden Owl™ symbolizes a commitment to awareness and the strategic application of OSINT for both personal and business safety. Through diligent investigation, education, and the responsible use of open-source intelligence, we empower individuals and organizations to navigate the digital world securely.

Golden Owl (CyberScribers): writing about Open Source Intelligence (OSINT), Business Intelligence, Competitive Intelligence, and ...INT. https://www.golden-owl.eu/