Monday, May 29, 2017

This Scam is a little more Clever than the others

The SVG Facepalm v3.0
The SVG Facepalm v3.0 (Photo credit: Wikipedia)
I still sometimes go through my spam to make sure that none of the newsletters I signed up to ended up there.

It was mostly the same old, same old. I'm a winner in various sweepstakes that I never signed up to. I need to verify my credentials on supposedly legit sites that use too many dots in their email server. (I didn't know that Bank of America used angel.ocn.ne.jp email server). Life insurance, auto warranty extensions, and of course various "Final Notice" from a guy named Michael S.

For those of you who are wondering, companies sending you a final notice to anything will use their legitimate email server bearing the company name. Not some randomly generated alphanumeric name and email server.

You hear that "Michael"? You're an idiot. Even if you send it five times. Yeah, you're also "Andrew M." I'm on to you! Seventeen Emails! Take a hint already!


Of course, there were plenty others that were meant for a guy. I do not know any men named "Nancie". If they did, the algorithms that they set would leave male enhancements and messages like these out of my inbox.

It's not mine! I swear!

But then I came across this gem:


This one is odd. It has no pictures and no links. The email was sent via outlook. It was as legitimate as a friend sending a quick message.

However, all of the red flags started to go off. I'm not sure what triggered it at first, so I decided to check the original content. This actually contains all of the header information. It bounced around a few times, but nothing out of the ordinary.

After thinking a few minutes, it dawned on me. It was probably from a reshipping scam. This is a scam where thieves will send you stolen merchandise for you to "inspect", repackage and reship to another destination.
Criminals post job announcements on Internet career sites offering work-at-home positions—sometimes advertised as “merchandising manager” or “package processing assistant.” Duties include receiving packages and mailing them to a foreign address on behalf of a client, using postage-paid mailing labels provided via email. (source).

Some of the scams will deposit money into your account and tell you to send that money to another place. The money they deposit into your account is actually bogus and by the time you figure that out, it's too late. You have to pay that money back, regardless if you have it or not.

This particular scam in an economy that is still weak is the hardest to detect. I was able to detect this scam but only because I've had a few years of sniffing these out (since 1998, yes I'm that old). If you are not paying attention and you are struggling financially, it's easy to be taken.
Everything seemed perfectly legitimate in the beginning. The company had an extensive online presence, there was an employment contract, tax forms, and the offer of a decent income. (source)
Hopefully, as more people are informed about this scam, it becomes more and more difficult for these people to find the unsuspecting masses workers they need. Kind of hard to run a scam if no one is willing to be scammed.

I did get a Nigerian prince scam, but there are so many others, this got pushed down to three pages.  Sorry, (in this case) Saphia Farkash, the wife of an embattled Lybian leader, Colonel Muammar Gadaffi, you are no longer relevant.

By the looks of the related articles, however. Looks like people are falling for it still.