A Winning Scam

March 27, 2014 | by Fred Touchette | 419 scam, AppRiver, Digital Degenerate, explosion, lottery, scam

trot3 resized 600

Just over a week ago a man by the name of Neil Trotter became the UK's 4th largest lottery winner. That's to say the amount of money he won, £107.9m, was the 4th largest in history, Neil Trotter is actually a fairly slender fellow. Fast forward to this week and we're beginning to see scammers piggybacking on Mr. Trotter's success.

These scams are coming in the form of the classic 419 style, or advance fee fraud technique. We're actually seeing a few different versions of these and judging by the routes the various versions took to get to their destinations, it would appear that they are each from different groups. One version consistently comes from Nigeria by way of a quick hop in Brazil, and the others appear to originate from many different locations suggesting the use of a botnet for delivery. The latter uses a brief email with the subject "my Euro Million win" and suggests that perhaps Mr. Trotter feels that you as the recipient are quite poor. "I am willing to donate
£1,000,000(One Million Pounds) to you and as part of my effort to
alleviate poverty and care for the less privileged around the world, I
have decided to donate part of my win to few persons around the globe and
you are lucky to be one of them.", the email reads.

The other versions are much more long winded explaining the scenario, essentially giving a synopsis of the heavily circulated news stories that can be found around the internet. In fact they provide links to these stories in order to "To verify the genuineness of this email and our winnings". Because we all know that the internet is the source of all truth! The scam goes on to request tons of personal information from the recipient, all of the usual stuff, Name, date of birth, phone number, that sort of thing. All of this information can be used to further tailor the story to fit the target and possibly be used for additional identity theft. It is confusing though that Mr Neil Trotter's email address is apparently dndawes@gmail.com, doesn't seem very intuitive, but the very wealthy can be quite eccentric too, so who knows?

Although I can't derive any exact figures, it would appear that this campaign/campaigns is/are fairly large as we're seeing a good amount of them in our filters. These 419 scams are tried and true. People are still falling for them for some reason and this is why we continue to see tens to hundreds of thousands of this type of email on a daily basis. Do your best to stay informed and hold on hope that you will get your big break one day, but also be aware that if it's too good to be true, it probably is.

trot2 resized 600

trot1 resized 600