[ISN] Forget the Nigerian spam scam; now it's a take-off on Three Kings

From: InfoSec News (alerts@private)
Date: Wed May 09 2007 - 23:31:44 PDT


http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9018838

By Gregg Keizer
May 07, 2007 
Computerworld

A twist on the classic Nigerian e-mail scam that steals from the plot of 
the George Clooney movie Three Kings is hitting in-boxes, Symantec Corp. 
said Monday.

In these e-mails, a U.S. soldier based in Iraq claims that he has found 
a horde of cash or gold, a plot point central to the 1999 film. The 
e-mail explains that the total "haul," which is often pegged at $750 
million but can vary wildly from spam run to spam run, has been split 
among the men who found it. The soldier's take: $20 million. 
Unfortunately, after he was cashiered from the army and returned to Iraq 
to work as -- tugging at the heartstrings -- a humanitarian worker, he 
was injured by a roadside bomb and now is on his deathbed.

"The doctors have told me point blank that I would die at any moment," 
the soldier writes in the spam message.

All the recipient has to do to collect the millions -- or sometimes only 
half, with the other going to a charity -- is give up an e-mail address 
and phone number.

"You are now being e-mailed by a soldier, an American soldier who wants 
to share his new-found wealth," said Kelly Conley, a researcher at 
Symantec, on the security group's blog. "He is an American, so it's not 
like you're sending your money to the great unknown of a stranger or 
foreigner, right? This one is much easier to fall for."

In traditional Nigerian schemes -- dubbed that because they typically 
originate from the West African country -- scammers claim that they need 
help in moving money to the U.S. The messages promise recipients a share 
in return for an upfront fee, and therein lies the scam.

"All of a sudden the game changes," said Conley. "It's no longer written 
in poor English, where you deal with a stranger for the purpose of 
purely obtaining cash for personal gain. Instead it's [an] injured 
American soldier who wants to share his fortune with you and charity."


_____________________________________________________
Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. http://www.blackhat.com



This archive was generated by hypermail 2.1.3 : Wed May 09 2007 - 23:40:24 PDT