Cookie policy
Follow this topicFollow this topic Knowledge » Scams

The email phishing scam that relies on your stupidity

Tony Levene
by Lovemoney Staff Tony Levene on 25 August 2012  |  Comments 21 comments

An email arrives, supposedly from a friend or colleague. Even though there are clear signs that it is a scam, many of us still fall for it.

The email phishing scam that relies on your stupidity

Scams do not only dupe the naive and the daft. Really clever people also fall for the most obvious online scams, handing over the keys to their email, and sometimes just about everything else.

I don't know whether to laugh or cry.

Should I have a good giggle because, despite warning after warning, highly intelligent people still fall for dangerous nonsense? Or should I have a good weep because those self same people don't read the warnings – or that they are not as clever as their pay grade might imply? I don't know.

But I do know that swindlers always live in hope of someone falling into their traps. Remember fraud victims have to play their own part in handing over their cash - this is not a case of bad people in balaclavas brandishing baseball bats.

The philosopher's email

Last week I received an email entitled (in capital letters) FOR TONY.

Who was this from?  None other than Alain de Botton. Zurich born de Botton, educated at Harrow and Cambridge, is a famous thinker. He wrote “The Consolations of Philosophy” and “The Architecture of Happiness” among many others. So why is he writing to me?

Of course – and this is bad for my self-esteem – he wasn't. It wasn't Alain de Botton, but a scamster stealing his name. Now, don't do this at home, but I opened the obviously dodgy email to find a link (since shut down) to a money generator site where, apparently, I can earn $4,386 a month with just two hours' work and no previous experience. Now what did someone say about if it looks too good to be true?

It is easy to set up an email and create a false identity.  I think this is sort of funny – maybe even a philosopher would smile.

Receiving emails from 'friends'

Now for one which made me angry.  Two intelligent, very highly paid men who work for an information website with their own IT department.

I know them – I've done a bit of work for them. So getting an email was not a surprise.  Even the heading “Important Document” might have been true.

When I opened it. It said: "Please view the document i uploaded for you using Google docs. Click here (I've removed the hyperlink) just sign in with your email to view the document its very important.

"Thank you."

Pete, the supposed sender of the email, is very literate. This letter was not. The hyperlink led to a number of email logos, including Hotmail, Gmail and YahooMail as well as that of a property company I had never heard of. It then said: "To access our online secured auction page, you are required to choose your email address below."

Now this is the amazing bit. Pete (although he denies this) had followed the instructions when he received the same email from elsewhere, clicked on his email provider and then filled in the pop-up form which required both email address and password.

The scamster now has not only the email address of someone susceptible to revealing details to a company they have never heard of (which turned out to be an innocent company in Latin America whose logo has been hi-jacked) but also the password for that email account.

Now the fraudster has the keys to everything - not just contacts, but all the emails received and sent. It does not matter how fast you change your password, they've already copied the contents. They will go through all of your mail to find something which can be turned into cash – or even material for blackmailing purposes.

Failing to learn their lesson

Now, everyone on Pete's list has this email including his colleague, Colin, who is even more computer-savvy. Despite knowing about it from Pete, he still sent off his password. As a result I get the email again. Colin was red-faced when friends asked him about this.

Neither man can explain their stupidity. Both had to send their computers for deep malware cleansing and both have had to change every single password they have. But this was not about viruses. It is all about crooks grabbing personal information.

What I don't know is how many others who received this email also followed these two and gave their passwords. With easy pickings like this, who needs to trade drugs or money launder?

More on scams:

Get ready for a rise in crowd-funding scams

Telephone Preference Service is failing to cut out cold calls

The 'get rich from your sofa' scam

The scam that makes you feel special

Enjoyed this? Show it some love

Twitter
General

Comments (21)

  • bhill10
    Love rating 0
    bhill10 said

    Be aware of the "Affilliate" scams operating from both sides of the Atlantic

    Report on 25 August 2012  |  Love thisLove  0 loves
  • sludgeguts
    Love rating 55
    sludgeguts said

    The general public are either stupid or greedy and that is why scams will never die out. Many are always on the lookout for 'something for nothing'.

    I recently got an email from a friend who was stranded abroad after being robbed, they wanted me to send money urgently for plane fares. I told them I had sent the £500 they requested but they would need to send me £50 'admin' fee before the money could be released.

    Report on 25 August 2012  |  Love thisLove  2 loves
  • terrycop
    Love rating 0
    terrycop said

    if you simply put the mouse pointer on the address of the sender, right click, then go to properties in the downloaded box, you will see the actual email address.

    clever dicks can actually overlay their email but cannot escape this search to my knowledge.

    if it is "for nothing", you get what you pay for!!

    Report on 25 August 2012  |  Love thisLove  0 loves
  • nosbort
    Love rating 126
    nosbort said

    @terrycop, your arrogance makes you a target, there is not just one OS and there are many more ways of hiding things that you seem to understand. If I wanted to be someone else I could, and you would not be able to tell.

    Report on 25 August 2012  |  Love thisLove  1 love
  • GrannySandi
    Love rating 7
    GrannySandi said

    Sorry to be a dunce, how do you right click on a track pad?

    Report on 25 August 2012  |  Love thisLove  0 loves
  • DaveDB
    Love rating 14
    DaveDB said

    How about this one - would anybody be fooled?? Received 20/08/2012

    The United Kingdom economics & finance ministry,

    1-8 Kensington Gardens Square,. London, W2 4BH.

    Tel: 00 447035924388

    Manager/ Secretary General.

    From Desk of: Johnson S Parker

    I am Johnson S Parker, Manager/ Secretary General, The United Kingdom economics & finance ministry, set up to fight against scam and Fraudulent activities worldwide.

    This Group is responsible for investigating the legitimacy of unpaid contract, inheritance and lotto winning claims by Companies and individuals and directs the paying authorities (banks) worldwide to make immediate payment of verified claims to the beneficiaries without further Delay.

    You are being legally contacted regarding the release of your long awaited fund. After a detailed review of your file, the World Bank Group has mandated that your fund should be release immediately.

    The sum of USD$5,000,000.00 (Five Million United States Dollars) has been approved in your favor via my desk. I therefore wish to inform you that your payment is being processed and will be released to you as soon as you respond to this letter.

    Please re-confirm to us the following:

    (1) Your Full Name:

    (2) Phone, Fax and Mobile Number:

    (3) Company Name, Home Address:

    (4) Profession, Age and Marital status

    : Note that the above fund has been cleared from terrorist or fraud related activities.

    Thanks for Your Cooperation

    Mr. Johnson S Parker

    Secretary-General)

    The United Kingdom economics & finance ministry

    Report on 25 August 2012  |  Love thisLove  0 loves
  • Modreduk
    Love rating 9
    Modreduk said

    Anyone who fell for that DaveDB deserves everything they get.

    Report on 25 August 2012  |  Love thisLove  1 love
  • fenemore
    Love rating 205
    fenemore said

    I too agree with Modreduk - you would have to be VERY NAIVE to think for a moment that it is genuine.

    Report on 25 August 2012  |  Love thisLove  0 loves
  • DaveDB
    Love rating 14
    DaveDB said

    Ref. my scam email & comments...

    Surely the point is you have to be b..... stupid to send out an email like that. Everything about it screams "Nigerian ....."

    Report on 25 August 2012  |  Love thisLove  0 loves
  • Tanni
    Love rating 91
    Tanni said

    So blant and obvious that I laugh at the cheeky buggers who send the emails. I've created my own for information purposes to those who are lucky enough to never have received such daft emails.

    Typical scam goes something like this:

    Hi, you would never have heard of me as I work in a massive Nigerian bank and am seeking to put £20,000,000 into your account as I trust you. The money used to belong to my uncle King Abugga Usilly. He died recently after being run over by a steam roller. As I am the only living descendent and rightful heir I am entitled to it all. However I cannot access it as I cannot prove my bloodline or be bothered to employ a decent solicitor to pursue my claim. All you have to do is give me your bank details so I can transfer the sum over to you. I cannot transfer it over to myself because of legal issues such as theft and conflict of interests; so I am going to send it to you instead. You happened to be the first person I googled via Facebook and you seem so honest in your wall posts on Facebook. I will also require your credit card details to pay the admin fee for the transfer of funds process. All I want is for you to be honest with me and just give me 40% of the 20 million I transfer. Please keep this secret as I do not want other more stronger people robbing me to forward them the funds rather than to you.

    Thank you and keep it secret. I trust you more. Love and kisses

    Yours faithfully

    Mr I. M. Afraudester

    You gotta be rather dim do fall for this but many people do. Shows you how dim some intelligent people really are. This should have been a Monty Python sketch as its so hilarious.

    Report on 25 August 2012  |  Love thisLove  0 loves
  • PoohBah
    Love rating 18
    PoohBah said

    The Nigerian money transfer is commonly known as a "419 scam", the name being derived from the relevant section of the Nigerian penal code. If you want a good laugh take a look at the 419 Eater web site www.419eater.com and in particular the way scammer John Boko was led by the nose; it's not only the victims who are greedy and gullible.

    A common variant of the 419 scam is the "daughter of deceased father" ploy: "I am Precious Udumbo, daughter of the late Dr Eustace Udumbo, who was killed in the recent rebellion..." You would be amazed how many people - mostly lonely Billy No-Mates - fell in love with a photograph by email and contacted the bank where I used to work, asking how best to send money to their fiancée (who they had never actually met) to enable "her" to travel to the UK. Very sad, really.

    Report on 26 August 2012  |  Love thisLove  0 loves
  • johnmxn3
    Love rating 17
    johnmxn3 said

    It is all very well saying how stupid people are for falling for scams.

    It is worth remembering that if you have never heard of a scam or been taught what a scam is, you are not stupid if you fall for it. Nobody is born with a scam detector in their brain. We all learn, some by being taught and informed, and some by bad experience.

    So when a vulnerable or elderly person falls for a scam, remember they have no idea what a scam is until it is explained to them.

    If we were all clever enough to know about every scam, why read Tony's blog in the first place?

    Thank you Tony, for helping us all. I for one value your advice, because I do not know everything there is to know about things that go on in this world. I am always ready to be open minded and to learn how to protect myself against scams, some of which are very clever and even your colleagues fell for this one.

    Report on 26 August 2012  |  Love thisLove  0 loves
  • Phizzmagic
    Love rating 0
    Phizzmagic said

    A company calling themselves Call Serve have been sending letters claiming they represent Santander as debt collectors. However Santander confirm they would always seek to agree a payment plan with a client first. If you haven't had such conversations DO NOT RESPOND - CALL SANTANDER. Interestingly the bank account number is one I've never had! These letters came even though there is no debt to be repaid. Like you say these scamsters prey on fear and some will inevitably repay the non-existent debt. I urge people to check Lovemoney to keep themselves informed.

    Report on 26 August 2012  |  Love thisLove  0 loves
  • Steviebaby1959
    Love rating 28
    Steviebaby1959 said

    The reason people fall for these e-mail scams is because they're suddenly enveloped in sheer greed with little pound and dollar signs in front of their eyes without checking any of the information that lies within e-mail messages, no wonder folks get duped, if they believe everything that's offered them without first checking the credibility then they deserve what they get.

    I wonder how many people who get an e-mail similar to the one offered in DaveDB's post check any of the details, I always minimise the page and open a new one and copy and paste sentences, words and phrases into a Google search immediately, however, having a quick glance at the phone number offered it starts with the International code for the UK, 00 44, so, you can ignore that part, what's left 7035924388, put a 0 in front of it and any number that starts with 07 in Britain is a cellphone, or, pager. I know for a fact that the STD Code 0703 used to be Southampton, but, all their numbers changed a few years ago to start 023, so, it can't be a landline number.

    The address given belongs to the Best Western Phoenix Hotel, not, a purported Government office, the title The United Kingdom economics & finance ministry doesn't exist, it's H.M. Treasury. So, within a matter of seconds I've sussed it out as being a fraudulent message and can then have a good laugh at reading the rest of it knowing that it's a complete load of twaddle and can be deleted.

    People are so quick to absorb everything that's told them without asking questions, it's laughable, why not spend some time double checking things, it might be time consuming, but, it'll be cheaper than giving some total stranger the keys to your Bank Account and computer passwords.

    Report on 27 August 2012  |  Love thisLove  0 loves
  • electricblue
    Love rating 643
    electricblue said

    The core of the article was based on the fact that there are also gullible idiots working in IT departments, a fact confirmed by some of the latest bank software debacles. I've had no end of silly emails forwarded to me by distant contacts who should know better, but I'm sure that the cc to all replies I've sent will make them think twice about perpetuating the latest urban myth sob story or affiliate scam.

    Can't just blame illiterate Nigerians for phishing scams these days - Iran seems to be behind an awful lot, with China and various parts of Eastern Europe also pretty active.

    Report on 27 August 2012  |  Love thisLove  0 loves
  • angela96
    Love rating 0
    angela96 said

    I had my email address hi-jacked quite a while ago, I don't recall falling for any scams for that person to have got hold of my details as I'm always very careful, I was using a learning centre computer at the time because our home computer had broken down.

    What I don't understand, is how such changes as sex, country and age can be made to email accounts so easily.

    No one fell for the scam sent to my contacts because it was so obvious, anyone who knows me well enough to send me money knows me well enough to know the details of the scam were nonsense, but it was very frustrating trying to get access back into my own email account.

    Report on 27 August 2012  |  Love thisLove  0 loves
  • Abigail Thornton
    Love rating 11
    Abigail Thornton said

    @angela96 It sounds like the computer in the learning centre had been compromised and a keylogger installed which recorded the login details of your email account and passed them to the scammer. A lot of email accounts offer the opportunity for a use-once 'throwaway' password delivered to your mobile phone. You should use this option every time you login to a public PC.

    If your account does get compromised, please make sure that you change your security questions for resetting your password. A friend of mine had his webmail account compromised by using a public terminal at a 5* hotel in Switzerland. The scammer emailed various people asking for money 'as he was stuck in Spain'. He only realised that his account had been compromised when a friend queried the country that he'd been in.

    He reset the password but the scammer got back in by resetting the password by using the scammer's own secret questions. The scammer threatened my friend with violence if he tried to take control of his own account - which was scary since the scammer knew his home address.

    On my advice, we passed the details onto his email provider and the police and he started using a new email account before contacting every financial institution resulting in new bank accounts, credit cards...

    Report on 03 September 2012  |  Love thisLove  0 loves
  • Evelynfrances
    Love rating 0
    Evelynfrances said

    I was on facebook recently and an instant chat came up supposed to be from a friend. Firstly asking how I was and then telling me he had been mugged on holiday and needed me to send him money to help him. The person on the instant chat was very convincing, had I not just spoken to my friend a few minutes before this I may have fallen for it. Turned out my friends facebook account had been hacked.

    Report on 03 September 2012  |  Love thisLove  0 loves
  • rcb
    Love rating 0
    rcb said

    A friend of mine's email account was hacked into and I received a message saying he had been mugged on holiday and asking for money to help him out. On asking how much I received details of an address in Spain and the request for money to be sent via Western Union. The amount quoted was 1000 euros for a flight and hotel bills ---- it was very convincing but the help described as offered by the embassy (flight home without passport as it was stolen) didn't add up and anyway I didn't have 1000 euros! Also no phone number given and he was the sort who certainly would have had travel insurance, had other closer friends than I and parents with whom he was on good terms as well as good co-operation from credit card providers.

    The slight differences in the language used could easily resulted from the trauma of a mugging ........ but the urgency of really needing to get next available flight was also out of character.

    One to watch out for!!!

    Report on 28 September 2012  |  Love thisLove  0 loves
  • jennysue19
    Love rating 5
    jennysue19 said

    I should know better having been an Internet user since there was something to use. I sent off for a cosmetic sample to a company called Derma Pure. I didn't read the T&C properly and thought I had 30 days to cancel when in fact I had just 17. The sample did not arrive, my UK debit card was charged for $89.99 (just over £57.00) and the full size sample didn't arrive either. Attempts to contact the company are futile. They have an address in Cyprus and a customer care line on a 'toll free' US number that costs an arm and a leg to call from here. The phone is supposed to be 24/7 but is never answered. They don't respond to emails. I went to my bank and asked to cancel the payment which would have otherwise been monthly - they have limited powers to do this, even if I changed my card! If the company try to take money again, I can reclaim it immediately but that is just looking at months of hassle. I can apparently call a fraud line but no guarantees I will get my money back. I now doubt that even if I HAD cancelled in time, that the message would have got through and my bank account would be safe from these scammers. I feel an idiot, really I should have seen through this.

    Report on 20 October 2012  |  Love thisLove  0 loves
  • paulie65
    Love rating 0
    paulie65 said

    My wife had an email purporting to be from FED-EX. It stated that a parcel was at the local Post Office awaiting collection. It suggested she click on the box which I recall was to obtain proof of posting. I did this and immediately got a message that the computer was in need of a new form of protection and wanted me to pay money to get it fixed. I should have known better especially as the mail was in her Junk Mail file!!. The system was completely frozen. After prolonged attempts, I managed to reset the system to an earlier date. It's been OK since. At this time of year my wife does quite a bit of online shopping so a parcel delivery was far from unusual. I did think it strange, however, that it concerned FED-EX as we have never had parcels delivered by them Another give away was that there were some basic grammatical and spelling errors in the email. I SHOULD HAVE KNOWN BETTER!!!!!!!

    Report on 09 December 2012  |  Love thisLove  0 loves

Post a comment

Sign in or register to post a reply.

Related content

Our top deals

Credit card
company 		Balance transfers rate and period Representative
APR 		Apply
now

Barclaycard 27Mth Platinum Visa

0% for 27 months (3.5% fee) Representative 18.9% APR (variable) Apply
Representative example: assumed borrowing of £1,200, representative 18.9% APR (variable). Purchase rate 18.9% PA (variable). BT fee is reduced from 3.9% to 3.5% (T&Cs apply).

NatWest Platinum MasterCard

0% for 26 months (2.65% fee) Representative 18.9% APR (variable) Apply
Representative example: assumed borrowing of £1,200, representative 18.9% APR (variable). Purchase rate 18.95% PA (variable).

Royal Bank of Scotland Platinum MasterCard

0% for 26 months (2.65% fee) Representative 18.9% APR (variable) Apply
Representative example: assumed borrowing of £1,200, representative 18.9% APR (variable). Purchase rate 18.95% PA (variable).
W3C  Thank you for using CGWEBLIV1