Crime Branch Advisory
The Nigerian Scam
NEW SCARE IN CYBERSPACE: WHAT THE MAILS SAY
Date: January 07, 2009
Dear friend. Sorry I didn’t inform you about my traveling to UK for a program. I am currently stranded in London because I lost my wallet on my way to the hotel where my money, and other valuable things were kept. I need you to help me. Please assist me with a soft loan urgently with the sum of 1,200 GB Pounds to sort out my hotel bills and get myself back home. I will appreciate whatever you can afford. I’ll pay you back as soon as I return. Please send the money to me through Western Union money transfer by the details below.
Patrick Collingwood Address, 199 Marylebone High Street, London W1U 4RY After making the payment kindly get back to me with payment receipt details needed to collect the money here.
—Received by Mumbai post-graduate student Samiksha Sharma from the email account of her former colleague, Varun
I am sorry I didn’t inform you about my travelling to Malaysia for a program called ‘Empowering Youth to Fight Racism, HIV/AIDS, Poverty and Lack of Education.’ The present condition that I found myself (sic) is very hard for me to explain. I am really stranded in Malaysia because I forgot my little bag in the taxi where my money, passport, documents, cell phone... and other valuable things were kept.... I am now owing a hotel bill of $1,200.... I need you to help me with the hotel bill and I will also need $1,000 to feed and help myself back home. So please can you help me with a sum of $2,200 USD.... Please use the details of one of the hotel managers below to send the money to me through Western Union money transfer or money gram....
Natalie Dias 199 Marylebone High Street, London W1U 4RY
After making the payment kindly back to me with payment receipt details needed to collect the money here.
Regards, Natalie Dias
—Received by Mumbai PR executive Sylvester Fernandes from the email account of his sister’s friend, Natalie Dias
How are you doing? I am so sorry I didn’t inform you about my traveling to UK for a program. I am presently in London. I am stranded here because i (sic) misplaced my wallet on my way to the hotel where my money, and other valuable things were kept. I will like you to assist me with a soft loan urgently with the sum of 1,800 pounds to sort out my hotel bills and get myself back home. I will appreciate whatever you can afford, i’ll pay you back as soon as i return.
Please reply. Thank you very much. Al-Naseer Zakaria.
—Received by several people in the contacts list of Khar-based businessman Al-Naseer Zakaria
HACKING IN SHEEP’S CLOTHING: SOCIAL ENGINEERING
- One method information is attained to hack into computers and email accounts is social engineering. This is considered a revolutionary art among computer hackers.
- Social engineering tricks someone into believing that he is giving information to someone who has the authority to ask for it
- People can also fall prey to social engineering through online or real-life interaction. Online, the hacker can obtain information through chatting, email exchanges, message boards and so on. In real life, a conversation can be struck up with a potential victim
- An ingenious method involves creating a webpage where users are required to enter their email address and password to supposedly find out if someone has deleted or blocked them from accessing messenger services
- Another common way is through the telephone. A user may receive a call from someone identifying himself as a systems administrator of his company
TROJAN ATTACK: THE TRADITIONAL HACK
- Specially devised programs, called keyloggers, are surreptitiously installed in the victim’s computer
- These programs can come through backdoor trojans and other viruses. A downloaded video clip, an inocuous birthday greeting or an email attachment could carry them
- Once inside, the keylogger will auto execute and record keystrokes made by the user and transfer email addresses and passwords to the hacker
THE LAW IN INDIA
Social engineering: People who gain access to an email account using social engineering can be booked under Section 463 of the Indian Penal Code. Punishment is two years in jail and/or a fine
General hacking: Trying to gain unauthorised access to a protected computer system is punishable under Section 70 of the Information Technology Act. Punishment is up to 10 years and.or a fine