Spam and phishing

Arabian tales by ‘Nigerians’

The war in Syria, which began several years ago, has recently become one of the most widely reported events in the media. Along with the growing interest of the international community in Middle East events, “Nigerian” scammers have also jumped on the bandwagon. Over the last few months, we have recorded an increase in the number of fraudulent emails utilizing the Syrian theme.

The authors of most of the emails introduced themselves as Syrian citizens seeking asylum in Europe, and requested assistance in investing large sums of money. The messages were either short, with just enough info to arouse the recipient’s interest, or provide a detailed description of the offer.

Arabian tales by 'Nigerians'

Fraudsters often send out emails on behalf of women whose husbands have supposedly been killed or died. This theme was exploited with little or no changes in the Syria-related emails. A “widow” writes that her husbands had been killed and now she has a large sum of money that she wants to transfer to another country – she usually wants to get out of Syria too.

Arabian tales by 'Nigerians'

Fraudsters can also distribute emails on behalf of employees or owners of companies. To make the email more convincing, the text may include the names of real organizations. The authors of the emails provide a variety of stories to hook the recipient. For example, one of them says he has successfully transferred his assets to France but could not get a visa, so he is asking for help in case he cannot get to Europe.

Arabian tales by 'Nigerians'

The scammers are trying not only to get recipients interested by promising financial rewards but to evoke pity and compassion. In particular, the pseudo-Syrian citizens complain of harassment by the president and ask for help transferring and preserving their money.

Arabian tales by 'Nigerians'

English is the most popular language with the “Nigerian” scammers; however, we have come across emails in other languages: German, French and Arabic. The author of a German-language email introduced himself as an officer of the Syrian army fighting against ISIS; he writes that he wants to move $16 million earned by selling oil out of the country, and asks the recipient to contact him for more information. In particular, the fact that the citizens of Syria and other Arab countries have large amounts of money is often explained by various stories related to oil deals.

Arabian tales by 'Nigerians'

An email in French is written on behalf of a young Syrian refugee whose relatives were killed in the war in Syria and who is now staying in Germany. She complains about the unbearable cold in the tent she lives in, and about the promises of the authorities to improve the living conditions which are never fulfilled. She asks the recipient to take her in in exchange for a large sum of money.

Arabian tales by 'Nigerians'

Finally, the emails in Arabic, the official language of Syria, tell a sad story about a widow from Damascus, whose husband and children were killed during a bombardment using chemical weapons. The tale of the unhappy woman is intended to evoke the recipient’s sympathy while also mentioning a large sum of money that should tempt the recipient to help.

Arabian tales by 'Nigerians'

“Nigerian” scammers are trying to make their stories believable so they are using a standard set of tricks: links to legitimate news sources, detailed emotive stories where real events are mentioned, including well-known personalities, etc. However, it is worth remembering that emails from unknown senders offering you millions of dollars cannot be genuine. Therefore, the best solution is to simply delete the email and not enter into correspondence with the scammers.

Arabian tales by ‘Nigerians’

Your email address will not be published. Required fields are marked *

 

Reports

APT trends report Q3 2024

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns.

BlindEagle flying high in Latin America

Kaspersky shares insights into the activity and TTPs of the BlindEagle APT, which targets organizations and individuals in Colombia, Ecuador, Chile, Panama and other Latin American countries.

Subscribe to our weekly e-mails

The hottest research right in your inbox