Dissecting a Scam: “Let’s Tell the Scammer I Already Have the Money.”
- Scammers from overseas find success despite of language gap
- What seems absurd to you and I will eventually snag someone
- A story on how a YouTuber fooled a scammer
Hello Wow!!! Congratulation.
This is a fairly typical fraud scheme that many, if not all of us, have encountered within our email inboxes. While we would normally mark the email as "spam," delete it from our inbox, and move on with our day, there is a reason fraudsters continue to utilize this scam. The emails are sent to a large number of email addresses in hopes to find a less technically savvy individuals.
Unfortunately for the fraudster, he picked the YouTuber known as Atomic Shrimp to "victimize," and ended up being pulled into a time-wasting vortex. Watch this entertaining short video to see how he does it.
The scammer is obviously not well-versed in English -- a trait that Atomic Shrimp points out many times to great comedic effect -- but make no mistake, the occasional target will indeed fall victim, because, after all, the lottery is certified by the Benin Republic Gaming Board -- are you going to argue with an actual certificate?
Attributes to Look for in Scams
While fraud is a serious problem and something which needs to be taken seriously, Atomic Shrimp takes time during his careful dissection of this particular scam to point out the almost poetic anarchy present in some of its components. For example, the "hostage note" multi-font construction of certain emails. Why four different fonts?
The core of the scam is getting the victim to pay a "fee" in order to claim an "ATM VISA CARD" with "175,000,000 Euro inside," or initiate a bank-to-bank transfer. Both options include "small fees" the target will need to pay in order to get the big payout.
And -- before you ask -- the charges cannot be deducted from the "prize."
The wiley Atomic Shrimp seized upon this and asked if that was "law." He got a letter from a "bank" with a stunning array of misspellings and a "copy" of the "check" he would eventually get:
Fraudulent Bank Letter:
Fraudulent Cashiers Check:
Understanding the Repercussions of Depositing Fraudulent Checks
Atomic Shrimp replied that he'd printed out the check and deposited it into his account.
Just a quick update to let you know the cheque is paid into my bank. As I expected, it didn't matter that it was only a copy as the routing and serial numbers are the important parts, and these were very readable on the scan you sent.
The funds are now showing on my account balance (pretty amazing to see!), but there is a 24 hour clearance period, so I can't start spending my winnings until just after lunchtime tomorrow - the anticipation is quite exciting! - I think I'm going to buy a boat!
Indeed, the YouTuber is correct that once the check is deposited -- most likely by mobile remote deposit capture through a bank's phone app -- a certain amount of funds are made available to the depositor. This threshold is determined by each bank and ranges from hundreds to thousands of banks. Access to a small amount of the deposit often convinces the victim that the check is authentic. Compounding the possible confusion is the fact that banks have variable fund availability periods.
Once the funds seem available, the scammers then move on to the "buy gift cards to pay a courier" gambit. Atomic Shrimp, having trolled the scammers sufficiently, then sends a note claiming that the "check photo" they emailed earlier had actually cleared in full, and he posed in front of one of his "new purchases."
Again, Atomic Shrimp was playacting: Banks and customers should be aware of the repercussions of using those fraudulent funds to make any purchases -- especially ones that are not refundable.
The vulnerability of the scheme is if a person takes time to bring the copy of this cashier's check to a bank branch, where a teller will verify that this is a scam. To avoid this, the fraudsters will strongly encourage the target to use technologies provided by the bank to its customers such as mobile remote deposit capture (MRDC) through the bank's app on the customer device.
While the capabilities and convenience of Mobile RDC allows customers to easily access their accounts and deposit checks, this also remains one of the channels frequently targeted by fraudsters. It is important that banks focus on educating their customers (we recently highlighted HelpWithMyBank.gov) while taking a collaborative approach to the technologies utilized by banks for check fraud detection.