Cyberheist Snippet 2: The Field Has Changed, But the Game Remains the Same


As we mentioned in Cyberheist Snippet 1, we're working on a book here at, and it features Cyberheist as the first word in its title. Here's a second snippet from the book, this one taken from Chapter 2 "How and Why Scams Survive, Thrive, and Succeed." It explains that some familiar e-mail scams have deeper roots than most people may think:

The Spanish Prisoner is a con game from the 1800s in which the victim is told of a wealthy but unnamed prisoner in Spain raising money to secure release. In return for investing, the victim is promised a generous financial reward upon release—a reward that doesn’t exist. Sound familiar? It should—modern variations include advance-fee fraud, the black money scam, the Russian/Ukrainian scam, and the Nigerian scam or 419 scam. The Nigerian scam employs the same trick by promising financial gain in return for funds advanced. Dozens of variations exist throughout different countries.

In the past month, for example, we've seen bogus sweepstakes winnings offered to us (sweepstakes/lottery scams), and have had numerous offers of bank account funds proffered if only we would retrieve them (419/Nigerian scam). We've also been given the chance to obtain free laptop computers just for "evaluating" them (this requires a "small fee" that must be paid by credit card, and gives thieves the opportunity to harvest credit card credentials, often for weeks, while victims wait for their nonexistent notebook to materialize), and offered college degrees just by paying the same kind of "small fee" mentioned for the preceding eval scam. Oh, and don't forget about the "work at home" scams that require workers to pay a registration fee, or purchase a kit of some kind, all in the name of the same thing (harvesting credit card data). These scams abound, and proliferate faster than bunny rabbits in the springtime. If you actually examined all the spam that hits your inbox, you could find the same things for yourself, up close and personal.

Just FYI, the black money scam is one where cyberthieves convince victims that the suitcase full of black paper they will show them is actually high-denomination currency that's been dyed black to avoid customs duties. In exchange for paying for the chemicals to remove the dye, the victim is promised a cut of the cleaned-up money. Yeah, right! Likewise, the Russian/Ukrainian scam is a variation on the Nigerian/419 scam whose perpetrators usually reside in one or more of the countries that once comprised the USSR. And in general, advance-fee fraud is a phrase used to describe scams that take the form "you give me some money now, and I give you a lot more money later" (and where later turns into never, as you might expect).

We might add that it's unusual for a single day to go by without at least one message of this type (and often, many more than that) getting caught in our spam filter. Remember that when it comes to "free money" and "the chance of a lifetime if you act fast," the free money on the table is not somebody else's — it's yours, and cyberthieves are trying to take it away from you. There's a very good reason why it's sometimes said that the Internet is "the net of a thousand lies!" It's even more true that when it comes to spam, anything that sounds too good to be true is not only false, but absolutely a snare of some kind that seeks to separate the gullible and credulous from their money.

Topics: Cybercrime, KnowBe4