The Nigerian Prince has evolved: email scams now even fool cybersecurity experts

by Posted on

We all like to think we’re immune to scams. We scoff at emails from an unknown sender offering us £2 million, in exchange for our bank details. But the game has changed and con artists have developed new, chilling tactics. They are taking the personal approach and scouring the internet for all the details they can find about us.

Scammers are getting so good at it that even cybersecurity experts are taken in.

One of us (Oliver Buckley) recalls that in 2018 he received an email from the pro-vice chancellor of his university.

This is it, I thought. I’m finally getting recognition from the people at the top. Something wasn’t right, though. Why was the pro-vice chancellor using his Gmail address? I asked how I could meet. He needed me to buy £800 worth of iTunes gift cards for him, and all I needed to do was scratch off the back and send him the code. Not wanting to let him down, I offered to pop down to his PA’s office and lend him the £5 note I had in my wallet. But I never heard back from him.

Thanks for joining us!

See the highlights of TNW Conference 2022

Check the video

The infamous “prince of Nigeria” emails are falling out of fashion. Instead, scammers are scouring social media, especially business-related ones like LinkedIn, to target people with tailored messages. The strength of a relationship between two people can be measured by inspecting their posts and comments to each other. In the first quarter of 2022, LinkedIn accounted for 52% of all phishing scams globally.

Human tendencies

Psychologists who research obedience to authority know we are more likely to respond to requests from people higher up in our social and professional hierarchies. And fraudsters know it too.

Scammers don’t need to spend much time researching corporate structures. “I’m at the conference and my phone ran out of credit. Can you ask XXX to send me report XXX?” runs a typical scam message.

Data from Google Safe Browsing shows there are now nearly 75 times as many phishing sites as there are malware sites on the internet. Almost 20% of all employees are likely to click on phishing email links, and, of those, a staggering 68% go on to enter their credentials on a phishing website.

Globally, email spam cons cost businesses nearly US$20 billion (£17 billion) every year. Business consultant and tax auditor BDO’s research found that six out of ten mid-sized businesses in the UK were victims of fraud in 2020, suffering average losses of £245,000.

Read the Full Story Here

Source: TNW