My colleagues at ESET Ireland, report that an all-too-familiar scam is currently hitting Irish mailboxes. I’ve talked about it at some length here previously – for instance here and here – but here’s a quick summary.
Someone, apparently someone you know (a friend or a family member) contacts you to tell you that they’ve been stranded without money abroad somewhere, usually after being mugged at gunpoint. At one time, Americans were frequently being contacted in this way by friends or relatives apparently in London, which is why the scam is sometimes referred to as Londoning or The London Scam, though potential victims in the UK were more likely to hear that the mugging victim was somewhere more exotic, like Lagos. And, of course, they need you to send you some money.
Ah, you may say: Lagos, one of the traditional homes of the 419 scam. And in fact, this scam is often associated with 419-ers (the Lads from Lagos, as The Register sometimes refers to them), though the attack is more targeted and a little more technically demanding than the traditional 419 spam email. Since most people don’t send money to complete strangers, the mail or chat message comes from a source (email account, Facebook account and so on) that either belongs to someone the target knows, but has been hijacked by the scammer, or at least looks as if it might belong to the real friend or relative.
Here’s a (part) transcription of the message that ESET Ireland quotes, though you shouldn’t assume that this is only an Irish problem. Peter Kruse, of the CSIS Security Group, tells us that not only are similar scams being seen in high volumes in Denmark, but the scammers have gone to the trouble of (auto-) translating the messages into Danish. While I haven’t been tracking this type of scam recently, I’d assume that it’s continuing to turn up all over the place.
I hope you don’t take offence in my sudden approach for help. We took a trip this week to Limassol, Cyprus and were attacked and robbed. My belongings including my cash, credit card and cell phones were all stolen. I’ve made contact with my bank but the best they can do is to mail me a new card which will take 7 working days to arrive here, am currently concluding my documentation at the embassy so that I can fly out. I need you to lend me some funds to settle some bills.
Please let me know if you can assist me in anyway so I can forward you details to effect a transfer. Waiting for your mail.
I suspect that those transfer details will relate to Western Union or Moneygram – scammers love Western Union transfers… Peter also remarks that they’re arriving not only by email but via Facebook chat, using compromised accounts, as is very common with this kind of scam. Facebook has a little information and advice here about ‘send money’ scams including a pointer to an FTC alert that covers this and several other scams involving money transfer services.
PS: I know that ESET Ireland is based in the Republic of Ireland and Londonderry – or Derry, as its more often referred to over there – is in Northern Ireland, but I couldn’t resist the pun.
Small Blue-Green World
ESET Senior Research Fellow
Author David Harley, We Live Security