Pages

How to Stop Email Scams

Email Scam
Email Scam (Photo credit: o5com)

Parts of this article can get somewhat technical, please feel free to comment with any questions and I'll do my best to clarify as needed.

Your relative, friend, acquaintance is NOT stuck in a foreign country awaiting funds from you to rescue them.

I received the following e-mail today and thought it might make a good article for those who are not familiar with e-mail scams:


Subject: It's Urgent, Please Respond

From: Carol Crystal Ceeceecrystal@ymail.com
4:37 AM

It’s me, Carol. I really don't mean to inconvenience you, I made a trip to Scotland and I misplaced my luggage that contains my passport and credit cards. I know this may sound odd but it all happened very fast. Please, I'm short of funds to pay for my hotel bills and other miscellaneous expenses. Can you lend me some funds? I'm willing to pay back as soon as I return home.

Please respond as soon as you get this message, so I can forward you my details to send fund to me, you can reach me via the hotel's desk phone if you can. The numbers are, +447045733705.

I await your response,
Carol Crystal.

So, first off, obviously I don't know anyone named Carol Crystal, so unless you're the sort of person who forgets what their friends' names are, you're not likely to be taken in by this kind of scam.  On the other hand, the fact that this particular email scam is so popular is in part evidence of the fact many people ARE taken in by just this sort of email.  How?  Well, consider that emails like this go to tens if not hundreds of thousands of recipients, sometimes they usual actual names of real people, other times the victims may simply assume good ol' Carol from work or college must have gotten married and changed her name.  Who knows why so many are taken in by scams like this?  At any rate, there's a couple things we can do to try to figure out what's really going on here.

The Phone Number:

The most obvious item here is the phone number.  Where does it go?  According to Reverse Whitepages, Anywho, 411.com, and Verizon's reverse phone lookup, the number has no record.  Why?  More than likely it's a cellphone and cellphones (still) can't be looked up online easily.

A quick Google search reveals the first 2 digits of the number (44), are the country code for the UK and the Isle of Man.  Of course, when you can buy things online and take a train from London to Naples, country codes don't mean as much as they used to.  The area code (704) is actually a bit more interesting, another Google search reveals that in England, phone numbers that begin with 70 are Personal Numbering, which means that this number is actually only a forwarding number to a real phone.  The entire phone number itself is fake, it could have been bought via a UK website and could ring to literally any phone anywhere in the world.

Note that there is no chance I'm going to dial this number.

I DID Google the phone number, but revealing what I found would cut this article short, so we'll discuss that in a minute.

The Email Address:

Presuming you're still curious at this point, you might Google the email address.  If you did, you'd find that the only result for that email address is in a text file listed with thousands of other email addresses... probably a mailing list stolen by one individual and given away to others to use in their own scams.  Ymail.com is of course Yahoo Mail, a free email address provider.  If you Google just the email username "Ceeceecrystal" (and don't forget to do that, as a lot of things may show up that wouldn't otherwise), we find perhaps the initial victim of this scam, a very real Carol Crystal, posting about her travel plans on Facebook.

Further Analysis:

Luckily, further analysis is not necessary, as the internet at large will tend to have done the leg work for you ahead of time.  When I first Googled the phone number, I came up with this result: http://whocallsme.com/Phone-Number.aspx/447045733705  -- It's a blow by blow where many different people have posted about receiving similar emails, or in some cases to complain that their email account was broken into and their address list used to send these emails.  ...but are they right?  The email LOOKS like it was sent by Carol, sure, and it would be completely reasonable to assume that someone had broken into her account and sent the email... but in this case that would not be correct.

If we view the computer code (headers) for the email, we can see that the message was actually sent by the email address "kddid54@hughes.net", though it was made to appear that poor Carol sent it. Was the owner of "kddid54@hughes.net" responsible for this entire scam? Still no. A quick Google search of that email address reveals another real person and another victim. In the end, the closest thing to the truth can be inferred from an alert on the hughes.net customer service page which describes a scam alert and warns users against responding to emails asking for their username and password. It would appear that "kddid54@hughes.net" did respond to one of these emails and that his account was the one used to send out these emails on Carol's behalf.

How the Scam WOULD Work:

...if you were to respond to this person, first off all attempts to email would result in either a confused response from person whose email account was stolen or messages from the scammer urging you to call the number. Once you call the number, in this case you'll be told that you've reached the London Bridge Hotel by a man with a thick Nigerian accent. He'll be intimately familiar with your friend's situation and he'll do everything in his power to convince you to wire some money, even perhaps threatening to have your friend arrested for non-payment. If you do wire some money, it will be a small amount at first, the real trick comes with the transfer fee. You'll be told that there's either a transfer fee on that transaction or that circumstances have changed and they'd like to send your money BACK but again, there's a transfer fee you need to pay. Basically, they get you sending money for "refundable" transfer fees until you run out of money or figure out what's going on. In either event, chances are they're not even in London, the email is stolen, and the phone number has no physical location, so good luck getting your money back or even finding the criminals.

How Do We Stop Scams Like This?

All we can do is stop ourselves from being victimized by scammers. Don't respond to emails requesting your username and password. Don't log into websites without looking at the address bar to make sure that it's the right address and that the prefix is HTTPS not HTTP. The truth is, scams like this are a career in many countries. Literally, there are hundreds of thousands of people throughout Africa, Europe, and the UK who get up in the morning and run these scams and make $50,000 a year doing so, just as you or I might work in an office, a garage, a hospital, or anywhere else. Let me make a point here, the governments of the countries who permit this don't care. They know what is going on, but their people are so poor, they let it happen rather than expend the resources to stop it. Bear in mind of course that scammers operating out of the UK and other developed parts of Europe tend to have emigrated (legally or otherwise) from poorer nations in the region, making them even more difficult for their host countries to track and stop. Don't mistake, this isn't about race or class warfare or anything like that, it's just a matter of fact: http://en.wikipedia.org/wiki/Advance-fee_fraud

Did this article make you angry?  Cheer up, there's an entire community of watchdogs / hobbyists who locate and harass scammers like this: http://forum.419eater.com/forum/album.php  (may not be safe for work or appropriate for children)-- The link is to a photo gallery of scammers (with a very poor grasp of the English language) who were actually tricked into sending their would be victims photos of themselves.