Introduction to Online Scams pg7

The “Nigerian Widow” scam exemplifies a common online scam, officially classified as advance-fee fraud.
- International law enforcement officials often refer to it as the 419 fraud, named after the section of the Nigerian Criminal Code.

An unknown individual claims to possess significant wealth, impossible for them to access (e.g., $25,000,000).
They solicit help to transfer their funds out of the country.
In return for assistance, the scammer promises a substantial reward (typically 20% of the total).
Confidentiality is emphasized: the helper is instructed to keep the operation secret.
After agreeing to assist, complications arise regarding the transfer.
The scammer requests money to facilitate bribes or cover fees to access the funds.
Victims continue to send money, believing they will receive greater amounts later (the advance fee).
The demands for more money continue, eventually resulting in the fraudster disappearing if pressure is applied.

Variations of the scam often include elements of urgency, secrecy, and requests for money.

This scam has persistently succeeded and is responsible for significant financial losses.
- The U.S. Secret Service reports that Americans lose tens of millions of dollars yearly to this fraud.
Numerous resources exist to combat such scams, like www.419scam.org, but their effectiveness is limited.

A newer variation presents itself as a lottery winnings notification.
- Recipients are told they've won a lottery in a foreign country, raising immediate suspicion due to improbability.
Another variation indicates personal identification is needed for customs of an expected shipment, further misleading victims.

The Nigerian Widow scam shares similarities with the historical Spanish Prisoner scam from the 1920s.
- The story involved a wealthy man imprisoned in Spain with promises of riches in exchange for assistance in his escape.
- Victims were led to pay for unsuccessful rescue attempts.

Phishing is a social engineering tactic where individuals are persuaded to disclose sensitive personal information online.
- Defined as "password harvesting fishing".
In-person comparisons illustrate the absurdity of giving sensitive info directly but the ease of doing so online.

Spam emails disguised as communications from reputable organizations (e.g., banks, PayPal) are common phishing tools.
- Use of actual logos, images, and fonts from legitimate organizations creates a convincing facade.
Common claims in phishing emails may include:
- Unauthorized access to your account.
- Owed money or refunds.
- Disruption due to security breaches.
- Findings from audits indicating issues with your account.
- Notifications about detected phishing attempts.

Phishing emails typically include requests to log onto websites to resolve issues, which generally link to fraudulent phishing sites.
- These sites collect sensitive data through realistic-looking forms.
Emphasized risks include identity theft, requiring personal vigilance as the best defense.

Best practices to safeguard personal information:
- Open email attachments only when the sender is known and the purpose is clear.
- Provide information online only for transactions you initiated.
- Before inputting any data, reflect on how you arrived at the associated website (typing the URL or searching is acceptable, while clicking links in emails or social media is not).
- Always check the domain name for authenticity (e.g., distinguishing subdomain differences).