A 419 scam via snail mail

One of the researchers in SophosLabs waltzed up to my desk the other day and said:

"Would you like to see the latest 419 scam?"

“Sure!” I replied, and out of his back pocket he plucked an envelope and a neatly printed letter.

419 scam via snail mail

Yep, it’s a 419 scam via snail mail – sent via the postal service to land on your doormat rather than emailed into your inbox.

The gentleman who contacted my colleague calls himself Tim Wu, and claims to be a private investment manager based in Hong Kong.

It seems that a former client of his (who had the first name “Anderson” and came to a sticky end in a hiking accident in mainland China) didn’t leave a will, and because there is no next of kin some of his $21 million fortune could be coming to my colleague here at Sophos instead!

Snail mailSpeaking as someone who is still waiting for the three million euros that Bill Gates awarded me earlier this year, I have to admit to some skepticism.

Tim Wu is offering to split the money 50:50 with my colleague – claiming “this practice is not unusual in the banking sector here in my Country China”.

He continues:

"The other option is that the funds will revert back to the state, where it may be shared by State officials for their personal use and enrichment, I worked for that money and telling you the fact Anderson still owes me my percentage for service and naturally I deserve to have that money but cannot do it alone so me need your help."

Scams being sent out via the regular post are nothing new, of course, but they have perhaps been overshadowed by the avalanche of nuisance emails many of us receive in our email inboxes each day.

Maybe we should be encouraged that scammers are using the postal service (and presumably costing themselves some cash in the process) rather than using the more cost-effective method of spamming out the scams?

Could it be that some scammers are turning to fraud via the postal service because users have learnt to treat unsolicited emails with greater suspicion?

419 Scammers Still Open to ‘Traditional Postal Services’ Option

Communication in the today’s world is dominated by email, instant messaging, and social networking. However, for making any formal statement or announcement, hard-copy letters are still sent using postal services. In both mediums, unwanted, unsolicited letters are not new; however, it may still be surprising if a spam message is sent over using postal services - somewhat low tech, but perhaps most effective way to bypass all kinds of online security. In a letter shared by a recipient, we found familiar text seen in emails associated with scams. We confirmed the hard-copy letter to be a 419 scam.

Here is the scanned copy of the letter (where the identity and address of the recipient have been blurred):

Text inside the letter has everything that we commonly see with email scams, except that we do not find any reply-to email addresses. Also, the scammer stresses that recipients must only fax the information (direct telephone and fax number), even if that means buying a new fax machine.

Such spam campaigns are already known to be widespread online and quite possibly had been seen in the past in letter form as well. As always, Symantec is committed to provide maximum security to its online users. However, with this particular incident, we would like to remind users to be careful of these hand-delivered scams also.