You should not miss reading this!!

Have you ever been defrauded before?

Have you ever heard or experienced of the 419 Scam the so called “Nigeria Scam”? Well if not, then this is a MUST read for you.

Online frauds come in many forms and faces. Today, it is a fake application on a mobile phone that you innocently install, and, in the background, it tracks your every move. You continue living your life ignorant that someone somewhere is up to date with whatever is going on in your life. Such is the security challenge. Over the years, schemes like this are common among lovers and couples who want to keep a tab on what is going on.

Then the 419 scams. It is old school but continues to wreak havoc. Human stupidity cannot be stopped and that is how this old scheme is one of the top money-making online schemes to date.

You are either a victim or you outsmarted the scam. The 419 Scam is an advanced fee scam that is a form of fraud and one of the most common types of confidence tricks. It typically involves promising the victim a significant share of a large sum of money, in return for a small up-front payment, which the fraudster requires in order to obtain the large sum. If a victim makes the payment, the fraudster either makes up new stories for further fees for the victim or simply disappears.

Criminals target people who are vulnerable to exploit.

The victims to advance-fee fraud that accept to the terms of the criminal are always used as target for further payments where criminals point out that something is still pending for delivery processing and stands as a necessity for the payment to proceed the delivery.


The attack vectors

In this era of social media, no one is safe.

June, 9, 2019, an executive at a Government Agenda  in Kampala received a LinkedIn connection request from a stranger. He accepted the friendship request.  The lady that who sent the connection request asked to talk more over email and provided the address in the message over LinkedIn, because it would be easier there, not knowing that this was like a set trap to get him in her zone of interest. The man continued and emailed her first, and to the email, he received a reply from her.

In the reply, the cyber phishing lady requested to become friends and even more than friends. She asked for partnership so that the two can do business in the near future within Uganda. To this reply, she requested the government executive to reply to her whether he was ready to be friends with her and ready to partner in business and that they would meet in the shortest time to discuss business in Uganda.

Below is the email she wrote:

“My dear, 
I am sincerely and wholeheartedly bringing forward this proposal to you, because i believed that this offer is going to be a divine link to join both of us together for a good reason, i want to humbly explain further on the business. 

I made this money from a crude oil deal which i was initiated by top Iraqi citizens, i was asked to help them to provide a security cover-up during the sales of crude oil to Chinese, Japanese and Russian companies. The business worth over $62 million dollars, and i was offered the sum of $5.5 million dollars as my own share on the business at the end of the deal. The funds was moved out of Iraq and was deposited to the office of the Oxford Diplomatic and Delivery Company for safe keeping during the month of August 2015.”

This was so hard for my friend to anticipate anything fishy in this email and thought they were getting along with a friend and partner that SGT Ann Hester impacted in his mind. In a continuation of the mail, my friend, a government executive was asked to locate a good position in the country where they would establish a good business in the shortest time possible, here is what she had to say;

I wish to work in collaboration with you to establish a lucrative project in a best city location in your country with my own 70% share of the fund after you receive the box. the law of military is highly restricted and does not allow any serving officer to involve in the act of money transaction/business during official mission in a foreign country, this was the reason am seeking for your ultimate total partnership assistance to help me receive the fund and keep it safe with you until i come to meet with you face to face in your city.

 This was so welcoming and after that some of his personal data was requested of him to authorize the release of the expected Box from where it is withheld.

Before we take to the next step on the process, kindly provide me your personal information data listed below; 

1: A scan copy of either your international passport, driver’s license or any kind of personal identity card.
2: Your home or office address in full detail.
3: Your personal mobile telephone number.
4: Your date of birth.
5: Your occupation or job profession”

 By sending this, my friend could not notice that he was requested to submit his credentials unknowingly to a cyber-criminal, Ann Hester a ‘friend’ he had met on LinkedIn. Next what she did was to pretend that they are in coordination with the delivery company for safe delivery of their box and provided proof for depositing for safety of the box in 2015 when the box was signed to the delivery company for safe keeping.

Little did he know that it was a trick that they wanted him to pay some money that the delivery company was asking to pay for the certificate of safety that was worth USD$1,600 and delivery fee of USD$ 800 before delivery of the box on the 15th June 2019 at the international airport at 4:45 pm EA time.

When he contacted me, I noticed this was a form of scan attack, not like common but a classified attack that seeks to only get the victim’s minds-on and give away money to the attacker.

To this end Summit Consulting is at your solutions to help you from fraudulent intents of the sort, when it comes to cyber-attacks, there is nothing like being over secured.

You need confidence that your mission critical resources – core banking server, enterprise resource planning (ERP) system and other critical servers like mobile and internet banking servers, email servers and ATM servers and CCTV servers, to mention but a few are safe and sound from risks of attacks from phishers, manipulation, unauthorized modification and data leakages or deletion.

Summit Cyber security brings you awareness on how better you could protect yourself from such malicious intent from defrauders whose aim is to make a success at getting you into their traps, these have no formula of attack, but the fact remains that they will attack you in any way,

However, the scam is not limited to African nations. Countries as diverse as Spain, Russia, Malaysia, and the United States are also sites of significant advance-fee fraud operations, so this simply shows that the scam is on a rampant flow and anyone can be a victim of this attack.

Take a Survey to help your organization or employees mitigate advance-fee frauds in their line of business for greater business achievement and safety.

Share this

Leave a Comment