Make sense of this weird e-mail I got.

[Daowajan]

Date: Tue, Oct 23rd 2001 00:33:00 Filter sender
From: pius akubueze <pakubueze@onebox.com> Add to Address Book
To: shiro@zensearch.net Download Message
Cc: View Header
Subject: CONFIDENTIAL / PRIVATE Include Original: Yes/No

CONFIDENTIAL / PRIVATE
MR P.O.AKUBUEZE
LAGOS - NIGERIA
Dear
BUSINESS TRANSFER OF US$45.5M ( FORTY FIVE MILLION
FIVE HUNDRED THOUSAND UNITED STATES DOLLARS ONLY)
I am the New Auditor General to Audit Government
Account for this 2001 year budget, during my
auditing, I discovered that there was an over invoiced
amount of US$45.5 Million, in United States Dollars
Equivalent.
The above amount is floating after my auditing,since
it was an over - invoice amount, this means thatthe
money is from a contract executed by a Foreignerand
the real contract sum was paid remainingthefloating amount of US$45.5M.
Based on this development, I cannot claim this money
except with the help of a Foreign Partner, this is my
mean reasons for contacting you. Now , I got your
contact from your Country’s profile abroad and
Ireserve your contact for this kindof transaction with trust.
What you have to do is to send a replymail telling me
that you are interested in this transaction and trust
worthy to handle this transaction for me, because I
will put your company’s name as the Contractor that
executed the contract before and the money will be
wired transferred to your bank account, I will then
travel to meet you in your country for my own share
when this amount is wired to your account.
I would have travel out to open an account myself for
this transfer, but as a Civil Servant Iam not allowed
to operate foreign bank account while in services ,
hence the need for an overseas partner.
I got your contact from your country’s profil
abroad and I have put it that the money when
transferred to your bank account will be shared as follows:

1. 30% to you for acting as the owner of
   the money and for providing an account. 2. 10% set
   aside for anyexpenses that may be
   incurred in the course of the transaction (if any).
2. 60% to me as the owner / originator of thetransaction
   All logistics have been put in place and all modalities worked out for
   the smooth
   conclusion of the transaction within a very short
   period of time within (14) Fourteen working daysafter the receipt of
   information required like your company’s name,
   telephone and fax number, bank details for wiretransfer process.
   As soon as I receive the above details I shall makethe
   application in your name and file inforclaimsto
   the appropriate Ministries concerned in favour of your
   company. It is pertinent to state here that this
   transaction is entirely based on trust and Iwill always put my trust
   in you.
   Acknowledge the receipt of this mail using
   mye-mailonly please don’t reply through any other means for
   security reasons.
   Yours faithfully,
   P.O.AKUNUEZE

Spam or Scam?

[RedNaxela]

Put it this way: do you think it’s a good idea to give your bank information (i.e., account number) to a complete stranger? If so, then I’ve got a few bridges to sell you.

In this particular case, the indispensable Snopes has already disposed of it:

http://www.snopes2.com/inboxer/scams/nigeria.htm
RedNaxela

[micco]

It’s a well-known scam:
http://www.treas.gov/usss/index.htm?alert419.htm&1

[booklover]

This is a scam that’s been going around for several months…surprised it hasn’t hit the urban legend sites yet. The Washington Post (my local newspaper) published a warning on it in one of Bob Levey’s columns.

[friedo]

Both. This looks like a variation of the old Nigerian wire-fraud scam. The nonsensical English should be your first clue.

Nigerian Advance Fee Email Fraud

[Daowajan]

Ahh. I didn’t read the whole thing.

Should I put him on a few spam lists?

[Frumpy_Jones]

Daowajan asked us about this e-mail, and then added this to the replies:

**

Ahh. I didn’t read the whole thing.

**

Excuse me, but why would you ask US to read the whole thing and help you if YOU hadn’t read the whole thing yet?

Please take note of my sig, Daowajan, and substitute your name for ‘Benson’

[RedNaxela]

*Originally posted by Daowajan *
**Should I put him on a few spam lists? **

If you mean that he should receive spam himself… naughty, naughty! Anyway, as a practical matter, one of two things is true: either this guy’s got his own spam filter (you think he wants to read the kind of dreck he dumps on you?), or the e-mail address is forged (as it almost always is). Worse, they might have forged the e-mail address of some perfectly innocent soul, who has nothing to do with the whole scam!

For the same reason, you could put that e-mail address on your own spam-block list, but I doubt it’ll do much good - he could be back tomorrow with a new forged e-mail address.

JunkBusters.com has a good summary of how to figure out what ISP this spam came from; you could then forward it to that ISP and ask them to give him the boot - most ISPs don’t like being used as hosts by spam/scam artists.
RedNaxela

[micco]

*Originally posted by RedNaxela *
Worse, they might have forged the e-mail address of some perfectly innocent soul, who has nothing to do with the whole scam!

It’s likely the email address is valid because the entire point is to get you to reply to the email with sensitive information. Gullible people have been taken in by this scam, so someone is checking that email address for replies.

Spam with forged headers is certainly common, but that type of spam usually wants you to visit a website or reply through some other channel. There’s no point forging a reply address if that reply address is your sole contact with the sucker you falls for your scam.

[RedNaxela]

You’re absolutely right, micco - looks like I had the right solution for the wrong problem…
RedNaxela

[vanilla]

I got one saying some person died with no next of kin and they want to use me as next of kin to get the inheritance!

[Floater]

*Originally posted by micco *
**
It’s likely the email address is valid because the entire point is to get you to reply to the email with sensitive information. Gullible people have been taken in by this scam, so someone is checking that email address for replies.
**

True. Whenever I have put a Nigerian e-mail through SpamCop the address has been valid.

[micco]

*Originally posted by Floater *
**True. Whenever I have put a Nigerian e-mail through SpamCop the address has been valid. **

Which means very little. In a quick search of their site, I can’t find what SpamCop considers “valid”. You can certainly check whether the email address is a legal format from an existing domain. You could even check the destination server to see if a mailserver is running, but you can’t check to see if an actual email address is good.

There is nothing in the SMTP protocol which allows you to ping an email address and see if it’s valid. You can send mail and check for bounces, but even that’s not definitive. I have entire domains set to dump mail straight to /dev/null so any mail sent to them just disappears into the void. No bounce, but no receipt either.

This is one of the biggest problems with email. If it were possible to efficiently validate email addresses, it would be simple to set up mailservers or mail clients to only accept mail with valid “from” fields. This would solve a major problem with forged headers, but it’s simply not possible with the current state of the protocol.

[Greg_Charles]

My favorite part is, “This is my mean reasons for contacting you.” Kind of sums it up right there, doesn’t it?

[Frumpy_Jones]

Ya know, I just heard on NPR the other day that this whole scam comes from an old scam from England that made it’s biggest mark (I.E. took in the majority of suckers) during the depression.

The original scam was based off of Francis Drake’s estate, and he had not relatives, and the British banking system… blah blah blah…

Nothing like using technology for a super-old scam, to give it a nice, shiny cleaning…

[Futile_Gesture]

*Originally posted by friedo *
The nonsensical English should be your first clue.

The poor English is deliberate. Part of being a good scammer is getting the targeted victim to think, no matter how dumb they really are, that they are smarter than you. It encourages them to drop their guard and trust you more.

[Colophon]

Wow. There are still people who haven’t come across this scam?

[Dag_Otto]

*Originally posted by r_k *
**Wow. There are still people who haven’t come across this scam? **

Everyone has come across this scam for $32 million. I think the $45.5 million scam is a new one.

[CurtC]

I saw the thread title, and figured it must be about a new spam type that I’ve been receiving lately. They look like this:

To: curtc
Subject: Re: %RND_UC_CHAR[2-8], at the same
From: “Farley Maurice” <xhqbmgtjrptr@china.com>
Date: Mon, 10 Nov 2003 14:56:11 -0400

<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.0 Transitional//EN”>
<HTML><HEAD><TITLE></TITLE>
<META http-equiv=Content-Type content=“text/html; charset=windows-1251”>
<META content=“MSHTML 6.00.2800.1141” name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<font color=“white”>residue milord snoopy basis protozoan blum diverse diversionary reverie balfour airspace cleat harrow connors inventor leafy gobbledygook silty stargaze burgundy limestone scrooge ambitious fusty doubt outrageous decay aventine impasse multitudinous carcinogenic crepe sheathe crosswalk crack menelaus midwest mournful dulse </font><br>
<body>

<p>Th</pioneer>e ul</fiske>timate d</gerard>igital
ca</willow>ble f</brice>ilter</p>
<p>Th</zebra>e fil</convolution>ter wi</sw>ll al</squill>low
yo</await>u t</vortices>o rec</lineup>eive a</wang>ll
t</packard>he ch</perpetuate>annels t</pawtucket>hat y</tollgate>ou
or</coexist>der wi</waldron>th y</pigeonberry>our r</next>emove
cont</audible>rol!</p>
<p>pay</abc>perviews, adu</algebra>lt mov</suspect>ies,s</halve>port
even</beautify>ts,s</astound>pecial ev</effete>ents!
<a href=“http://www.ehostzzz.com/cable/”>
se</temporary>e n</baltimorean>ow!</a></p><p><a href=“http://www.creditcard2003.com/cable/”>
<img %RANDOM_TEXT border=“0” src=“http://www.creditcard2003.com/fiter.jpg”></a></p>

<br>
<font color=“white”>saskatchewan methionine roar bulk trinidad mead fetish saracen ymca chatty dough validate stumble influential corollary buchanan pittsburgh warrior prospector poultry erato psychiatrist polyhedral standby hidalgo polonium case marital durward puritanic boris beauteous complacent slivery </font>
</BODY>
</HTML>

This is the text that shows up, it’s not even HTML (the Content-Type header is “text/plain”). I’ve received quite a few of these, but with different details. What the hell is it?

[DarrenS]

There are even conferences for this type of business opportunity now.