Business Proposal, inheritance and Investment Scams
Everyday I receive an absolute tonne of Phishing emails and attempted scams and attacks. Maybe its because I'm a security guy, maybe its just because my email address has been listed in previous breaches. In either case, I don't mind receiving these emails at all as they allow me to share them and educate everyone. This blog post is all about business proposal, inheritance and investment scam phishing emails I have received.
You will recall from the Invoicing and payment scams and Other Scams sections of the hack proof yourself book (refer main page if you need a copy), that these types of scams range from the very basic to the extravagant.
Here are some recent examples I have received, that you should watch out for.
In this one below its very basic and works similar to the old Nigerian scams. It uses the standard Social engineering methods of a sense or Urgency and also a beneficial return. The goal is to start an initial conversation with the victim in which they will promise them a huge return for a minimal outlay. Not many people would fall for these types of scams, but you never know.
This guy has emailed me like 10 times over the last 4 months, all the same format, just from different email addresses and domains.... he is obviously quite persistent.
Here's another phish masquerading as Suncorp and to apply for a loan. Again not very complicated, but we can see the email comes from a completely different domain.
The website is already down only 7 hours later, so was very short lived. Running a whois is a great way to check if a domain is dodgy or not. We can see that this domain was only set up a week ago, so it has just been setup for the purpose of the phish. Its also using the common similar domain name trick.
The below is a recent example of an inheritance style scam. This email advises the victim that they have a large amount of funds and to reach out and provide their account details for a transfer to be made to them. It uses classic Social Engineering tactics such as tugging on the heart strings and advising that you will get 40% for you and your family (beneficial return). With most of these scams, it is used to either take money from the victim and/or use them for illegal money laundering activities.
The attacker has setup a gmail account for this purpose. Here is another scam email, quite similar to the previous:
This one, well to be honest it "talks about shares" but I have no idea what they want me to do, to buy shares? just reply? simply weird.
I got this one last month, It looks like its from the same guys...
This one falls under the little effort category. Apparently they have a proposal for Children1st that they want to discuss with me.
There are a few different variants of the above emails, like this one:
Yet another business deal.
This guy apparently used to be a Nigerian scammer? this scam email is all about finding a victim for money laundering activities:
Here's another inheritance scam email I received, apparently I'm a beneficiary.
And another business opportunity email.
As you have seen above, there are a myriad of different types of these scams and Phishing emails. You should never reply to any of these types of emails.
The next post I will push out will be on the various romance scams and phishing emails I've seen.