Wednesday, 2 May 2012

Why do they spam?

A sensible question asked by any sensible email account holder.

Why do complete strangers from the other side of the world send you nonsense you don't want at a time when you're not the least bit interested in it?

Generally to try and make money from you - illegally.

Research has shown that it is now nigh on impossible to calculate the number of Nigerian Oil Ministers, their surviving relatives, their lawyers or the sheer volume of millions of dollars on offer via the now infamous Nigerian 419 advance fee fraud - where you receive a charming "Dear Beneficiary" email from a grand sounding person at an impressive address and via an impressive but fake email address.

Those of you who receive these emails into you Outlook programme via Microsoft Connector will immediately notice that while the email purports to come from some grand-sounding group of financial lawyers, the return email address is usually a free account - or similar. And some of the scammers have no less than three email addresses in their one email, asking that you reply to their "private email address".

Research has also shown that we all receive an average of five emails a day asking for our log on details from banks we don't actually have an account with - however some people do have accounts at these banks. Again, if you use Outlook, the 'verification' address for the claimed Barclays Bank verification page will be something quite fanciful like

So to revisit the question again. Why?

The simple answer is that if the spammers send a million emails to random addresses, the chances are that a few dozen will fill in the details. And hey presto! Money or identity gone.

I received a rather impressive note from HMRC advising me that I was due a tax return of £235. A spammer using an intelligent sum for a change, instead of the usual huge $25 million lottery prize fund award on offer from a lottery I didn't enter. On this occasion the spammer was totally careless, on two counts. Firstly, he revealed his cc list of hundreds of Hotmail names similar to my own. And secondly, I was able to track back through to the www address given for the 'claim form'.

Drilling down through the layers at the URL, I discovered his repository for those taken in, and was shocked to see the details of 7 people lodged there - full names, addresses, mobile numbers, dates of birth, passwords, mothers' maiden names, favourite colours, sort codes, account numbers, long card numbers and most horrifically, the three number security codes on the obverse of the card.

I immediately texted all the mobile numbers with the news, and one young girl in Scotland, a student, later called me back with the news that she stopped her account just as her unofficial 'doppelganger' in Holland was seeking authorisation for two business class tickets from Amsterdam to the USA. The happy ending here is that the IP was traced and the internet café-owner was able to identify the thief who is now awaiting deportation to Nigeria.

So the main message here is, make sure you have adequate spam protection and don't reply to anything asking for your personal details unless you have complete verification. Financial institutions and other websites where you have password protection, will NEVER ask you via email for your personal or log in details, and banks certainly won't ask you for your three number security code..

And if an offer looks too good to refuse, it undoubtedly will be.

So refuse it.

No comments:

Post a Comment