Scammers rely on genuine resources to make their story more convincing
Cybercriminals have started leveraging the name of the FBI’s Internet Crime Complaint Center (IC3) in an effort to trick internauts into believing that they will be compensated with $1 million (780,000 EUR) for being targeted by fraudsters.It all starts with an email entitled “We have mandated your payment, kindly view below attachment” which purports to come from the IC3, Sophos experts report.
The attachment doesn’t contain a piece of malware, but a Word document (details.doc) which informs recipients that their names and email addresses have been found on the computers of con artists.
Apparently, the “World Bank president (Jim Yong Kim)” has decided to give the confiscated money to those whose details have been found on the crooks’ computers.
“We are hereby to inform you that we have been able to trap down some of the scam artists which have troubled the general public in name of helping our individuals to get their benefited fund or to indulge into business with them with the aim of defrauding our individuals,” the email reads.
Besides telling potential victims that they’ve “won” $1 million, the scammers also point to a Naked Security article which details the arrests of 24 individuals suspected of participating in a credit card fraud operation.
In the end, victims are requested to send their name, address and phone number to an email address that allegedly belongs to the deputy governor of a South African financial institution.
Scammers often use legitimate resources and the names of respectable organizations in order to make their schemes more legitimate-looking.
However, they’re rarely designed to be perfect from every aspect. They’re often poorly written and almost always involve some African “hotshot” that’s allegedly handing out money.
That’s why we advise users never to respond to such emails before properly checking them out. A simple Internet search for the notification’s details will almost surely lead you to an article which informs about its (non) legitimacy.