Email Scam Linked to ‘Underground Cybercrime Forums’ Involving Indian Vendor, Researcher Finds
Some internet users are still vulnerable to an email scam identified by the Federal Bureau of Investigation as Nigerian Letter or “419” Fraud. The scam combines the threat of impersonation fraud with, in some forms, a request for an advance fee in exchange for a percentage of millions of dollars that the sender professes to be spiriting away from Nigeria.
Security researcher Brian Krebs has claimed that the email scam, which purports to come from a financial institution based in a foreign country, depends upon “bots that crawl millions of Web sites and ‘scrape’ addresses from pages.”
According to the FBI, the recipient (of the email scam) is encouraged to send information to the author, such as blank letterhead stationery, bank name and account numbers, and other identifying information using a fax number provided in the letter.
The new waves of this form of scam, Krebs noted, are still successful in preying on people. The security researcher has identified the source of the ruse, an email vendor based in New Delhi, India, which professes that its lists are “100% opt-in and 100 percent legal to use.”
“Some of the more prolific spammers…turn to sellers on underground cybercrime forums. Additionally, there are a handful of open-air markets where lists of emails are sold by the millions. If you buy in bulk, you can expect to pay about a penny per 1,000 addresses,” Krebs wrote on his security blog.
“One long-running, open-air bazaar for email addresses is LeadsAndMails.com, which also goes by the name BuyEmails.org. I can’t vouch for the company’s claims, but one thing seems clear: Many of its clients are from Nigeria, and many are fraudsters.”
In the middle of the site’s home page is an advertisement that redirects to a payment instruction page showing that Nigerian clients can buy email lists by wiring the payment from their bank accounts at several financial institutions in Lagos, Nigeria.
The email lists sold on the site run into the millions of addresses, and are country- and group-specific. Krebs noted that the site also sells “cheap bulk emailing solutions” that prevent the sender’s Internet Service Provider from shutting down the botnet or email infrastructure when sending to email addresses in bulk.
“It offers bulletproof hosting, which is essentially a Web server equipped with Web-based email,” Krebs wrote, quoting the site as saying in its ad, “mail to 1000 recipients in seconds.”
Krebs went on to warn internet users: “There’s a good chance that your email address is now a product in the underground marketplace. The next scam in your inbox may claim to have been sent by a banker or bureaucrat. But, the sender probably got your name from a wholesale list-seller, and not from a trusted friend.”
The author of the email scam tries to lure the recipient by promising reimbursement for all expenses as soon as the funds are illegally transferred from Nigeria, with detailed explanations about taxes, bribes to government officials, and legal fees.
“Once the victim stops sending money, the perpetrators have been known to use the personal information and checks that they received to impersonate the victim, draining bank accounts and credit card balances,” the FBI noted.
Although the email scam might appear “laughable” to some, criminal records show it has been causing millions of dollars in losses every year.
According to the FBI, some victims have been lured to Nigeria, where they have been imprisoned against their will in addition to losing large sums of money.
The investigation agency added that the Nigerian government does not sympathize with the victims of the email scam, since they conspire with the perpetrator to illegally remove funds from Nigeria.