Browse > Home / How to tell it’s a scam

How to tell it’s a scam


Nigerian scams

1. If it sounds too good to be true… it probably IS.

  • No, no one is gonna give you 20 million just because.
  • No, you cannot inherit money from someone you never met or heard of.
  • No, its not normal that you randomly receive 7 million dollars from a foreign financial institution.
  • No, you are not the only survivor of the [your lastname] family in Africa. First of all, you are not African, right?
  • You can’t win a lottery you for which you have NEVER bought a ticket.
  • If they need someone to receive a huge amount of money, why would they contact you, instead of a seasoned mobster?
  • If they have so much money, why they request you to send money to cover for expenses.
  • And no, no one is gonna give you 20 million just because.

Phishing

1. The “Dear user” line. Most online services, specially online banking systems will call you by your name, including your middle initial whenever it was used during the sign up procedure. Scamsters will call you using names that don’t involve any previous knowledge about you, other than your email address:

  • Dear member
  • Dear account user
  • Dear Interner user
  • Dear [your email address here], i.e. Dear john@doe.com
  • Dear [the part of your email that goes before the @ symbol, i.e. Dear john
  • Dear [the name of the targeted institution] member, i.e. Dear Bank of America member
  • Dear [your lastname], where the lastname was collected after unscrupulous websites when filling forms in order to get access to “free stuff”.

2. Unprofessional style. Phishers might be good fraudsters, but they rarely are good writers. You commonly see:

  • Grammatical errors
  • Awkward wording, as if they were foreigners (oftentimes they ARE!)
  • Bad spelling
  • Odd capitalization
  • Lack of proper punctuation
  • Incomplete signature lines
  • Unusual style, too colloquial to be regarded as “commercial correspondence”
  • Punctuation not in agreement with your country’s style, i.e. in English we use a comma after the greeting, in Spanish a colon is the common standard. If you are at an English-speaking country, receiving a mail from a local institution, why would they use Spanish punctuation?

3. They ask you to click on certain links within the email. Banks do not do that, they commonly tell customers “to go to their website”, which they usually do by typing their URL in the browser’s URL field.

4. Sense of urgency. They use words and phrases to create such as:

  • if you don’t comply in 24 hours…
  • please proceed immediately…
  • your account will be closed…
  • suspension notice…

5. It asks for your personal information, login info, credit card numbers, SSN, which, at least in the case of banks, if they have it already, they will never contact you to update it.

6. It contains links that appear legitimate, but those links send you to:

  • Websites that look like the targeted company, but at an unfamiliar URL, i.e. http://www.paypalupdate.info, instead of http://www.paypal.com
  • Non-encrypted pages. Secure, encrypted websites, such as financial institutions and payment interfaces for online purchases, begin with https:// (not http://) and browsers show a LOCK icon, usually in the lower right corner.
  • Login pages that look familiar, but after you have revealed your login name and password, don’t go to the regular interface, but to a second page asking for more information, say your social security number or account number. If you did this already, your ID has been stolen and your account(s) might be compromised. it’s time to call your financial institution or service provider to protect your account from further violations.

7. The “friendly name” that the email appears to be from is “Microsoft Promotion Team” or “Chase Manhattan Bank”, but if you look at the actual email address it came from (weirdname@foreignserver.fo), which it’s clearly NOT an institutional address or an advertising/promotion company.

Sedo - Buy and Sell Domain Names and Websites project info: nigerianscam.net Statistics for project nigerianscam.net etracker® web controlling instead of log file analysis