back to article 'Nigerian princes' snatch billions from Western biz via fake email – Interpol

Spoofed email and malware hidden in attachments netted crooks in West Africa more than $3bn in three years from businesses. That's according to research carried out by the International Criminal Police Organization (Interpol) and infosec biz Trend Micro. Forget claims of money stuck in bank accounts. Scammers are now raking it …

  1. find users who cut cat tail
    Coat

    Religion

    Since the scams are a local religious practice, it must be protected at all costs. Obviously, it is an important part of their culture and identity -- and one that white men actively seek to eradicate. At least that is what I expect to hear from the confused regressive left warriors...

    1. Solarflare

      Re: Religion

      What side of the bed did you wake up on to turn this article into that meandering puddle of bile? It's Friday, cheer up.

    2. Oengus

      Re: Religion

      and one that white men actively seek to eradicate emulate.

      FTFY

  2. Anonymous Coward
    Anonymous Coward

    Basta Neveneffecten

    Belgian TV studio Woestijnvis once made a satirical program called "Basta" in which a couple of performers addressed issues in real life with the government (and other issues) and showed just how ridiculous some of them was.

    In their finale they actually invited a scammer to come to Belgium so that a fictional company could invest several thousands of Euro's into this firm. Yes: they scammed the scammers. The meeting was set up (totally ridiculous things going on) and at the end the meeting got raided by the (fake) police. You should have seen the look on the guys face. Everyone got "arrested" and the police warned the scammer that he was about to get scammed, but they saved him. Hilarious.

    I just found the video on Youtube. It's Dutch ("Vlamings") but maybe subtitles can help you. Around 6:00 the fun begins when the scammer is allegedly given E 3,000 in cash with another E 10,000 being promised. Around 12:20 the "Federal police" is crashing the party :P

  3. Anonymous Coward
    Anonymous Coward

    What % of West African GDP would that make up?

    1. Tom Paine

      $3Bn would be just under 0.3% of the GDP of Nigeria alone, according to the CIA anyway:

      https://www.cia.gov/library/publications/the-world-factbook/geos/ni.html

      "West Africa" depends which countries you include, there are others that are relatively developed as well as the traditional post-colonial basket cases. Which, being translated, means I can't be arsed to add it all up.

  4. Anonymous Coward
    Anonymous Coward

    How people behave is conditioned by their culture

    Summary of Transparency International report on Nigeria and corruption.

    "Available evidence demonstrates that corruption in Nigeria serves two main purposes: (i) to extract rents from the state, which includes forms of corruption such as embezzlement, bribery, nepotism and cronyism, among others; and (ii) to preserve power, which includes electoral corruption, political patronage, and judicial corruption.

    Evidence also suggests that these forms of corruption are related to the country’s social norms. Nigeria is assessed as a neo-patrimonial state, where power is maintained through the awarding of personal favours and where politicians may abuse their position to extract as many rents as possible from the state. "

    Full report from Transparency International

  5. Tom Paine

    A BEC crook sends authentic-looking invoices and internal memos to businesses and their finance staff, tricking the employees into paying money into the thieves' accounts.

    Er. No. That's an ancient scam called Fake Invoices - it was going back in the days of faxes (invoices for listings in non-existent business directories was a favoured tactic.)

    http://www.actionfraud.police.uk/fraud-az-invoice-scams

    BEC, as the C (compromise) implies, is where the Finance Director's own email account has been compromised and the "Quick, pay $5m to this Swiss bank account, it's for an urgent secret merger deal which you mustn't discuss with anyone until we announce it" email really HAS come from the real Finance Director's* email account. In Outlook it'll have the little mugshot from the internal phone directory and all the other indicators that this is trustworthy, internal email rather than something coming from the great unwashed internets.

    YVW.

    *( or the CEO, CFO, Treasury Manager,.. etc)

    1. Anonymous Coward
      Anonymous Coward

      BEC / fake invoice

      Hmm , I might get into that racket.

      Why bother with all that tedious work / product / service / middle-manning ?

      Just skip straight to sending the invoices out.

      1. Anonymous Coward
        Anonymous Coward

        Why bother with all that tedious work...Just skip straight to sending the invoices out.

        Taxation? Isn't that a government monopoly?

      2. barbara.hudson
        Unhappy

        Re: BEC / fake invoice

        Skipping the actual work and going directly to sending ut invoices - Isn't that what most of the big consulting firms are doing already?

  6. Pen-y-gors

    Yahoo Boys?

    Another good reason for the name might be that 95% of the "I'm at a conference in Cyprus and I've lost my wallet, send money" messages that I get come from yahoo/btinternet accounts, which are renowned for their odd security holes.

  7. Anonymous Coward
    Anonymous Coward

    IT outsourcing

    Someone needs to set up IT outsourcing to soak up these jobless college graduates to keep them out of trouble. I wonder why the area has not been seen as viable for such investment. Too unstable? Poor internet connectivity? Surely with wages continually rising in the IT field in India, the major IT providers will need to start looking for greener pastures cheaper employees.

    1. Anonymous Coward
      Anonymous Coward

      Re: IT outsourcing

      "Surely with wages continually rising in the IT field in India, the major IT providers will need to start looking [...]"

      Given the apparently national culture of corruption - would you trust any of your personal details to a help desk in Nigeria? Could you trust them with an outsource of your bank IT administration or code development?

      1. Doctor Syntax Silver badge

        Re: IT outsourcing

        "would you trust any of your personal details to a help desk in Nigeria? Could you trust them with an outsource of your bank IT administration or code development?"

        No, but then I wouldn't trust them to outsource any of this anywhere else. That doesn't stop them.

      2. GrapeBunch

        Re: IT outsourcing

        would you trust any of your personal details to a help desk in Nigeria?

        Hello, my name is Donald. It's snowing yugely here in Reykjavik. How may I help you?

  8. Version 1.0 Silver badge
    Facepalm

    Let's give them a hand

    I continually get real valid invoices and purchase orders from real customers and even banks as .html, .xls., and .doc attachments etc. It's no wonder people open this crap without thinking. What in the world are organizations thinking when they expect any of these attachments to sail through our email system?

    For the record, they don't - I quarantine them all. It's a pain but it's kept us safe for years.

    1. Doctor Syntax Silver badge

      Re: Let's give them a hand

      "I quarantine them all"

      Have you managed to train your own business not to do the same thing? If so, kudos.

    2. Richard Boyce

      Re: Let's give them a hand

      Our local police do this too. Google now treats their emails as spam.

  9. MachDiamond Silver badge

    Acceptance of poor grammar

    The biggest give away on scams is usually very poor grammar and spelling mistakes. As standards decline in the western world, many workers may not notice that a phishing email looks suspicious on the basis of its grammar. I hated english classes in school and could barely keep awake, but I've never been taken by a phishing email and can spot the vast majority of them from across the room. The best 2% take an extra 15 seconds.

    The last one I received a couple of days ago was due to a hack of a newsletter I receive. The give away was that it was signed "The Chase online team" where the newsletter had nothing to do at all with banking. Also, the grammar and word use was odd.

    1. Anonymous Coward
      Anonymous Coward

      Re: Acceptance of poor grammar

      The best 2% take an extra 15 seconds.

      Whilst you're absolutely right, it isn't a huge endorsement of the tech sector that an important line of defence is the poor language skills of the crooks, is it? Clearly most scammers don't feel any need to evolve - but imagine the impact they'd have with a better eye for detail, some token research, decent grammar and spell checking, and only a very modest uplift in their tech skills, particularly in respect of email spoofing. Treat it as a thought exercise - what would you have to do to get a savvy colleague to open a booby trapped email if they can currently spot a dodgy one?

      We're in 2017, and there's still shed-loads of code vulnerabilities across all manner of software, Windoze can still be persuaded to compromise itself, users are unwittingly allowed to open executables and other booby trapped files, firewalls and filter software routinely allow internet connections to servers where you'd expect trouble, etc.

      In summary not a good mix: Many people are gullible, much software is riddled with security flaws.

  10. Mark 85
    Devil

    As ever with online crime, finding the physical location of the criminals is a major issue.

    Well.. there's the motion picture industry and their fleet of corporate copyright lawyers who seem to have this figured out. Maybe Interpol needs to hire them.

  11. Anonymous Coward
    Anonymous Coward

    Business email compromise (BEC) schemes

    What's the difference between a BEC and a phishing attempt. It's just I've never heard the term before.

  12. Mr Dogshit

    I don't get it

    Just track them down and shoot them in the head. Can't be that hard.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like