But why do those scammers write that they are from Nigeria or some other third-world country? They most often aren’t, and the notion makes the whole thing seem ridiculous. Also, why do they send the emails with terrible grammer and spelling issues? Couldn’t they at least proofread it once? The answer to these questions, of course, is that we are not the intended targets of the emails. Someone would have to be very gullible to fall for one of those scams, and that’s exactly the point.

Cormac Herley, the principal researcher in the machine learning department at Microsoft Research, has actually crunched the numbers to prove that’s the case. His paper, titled “Why do Nigerian Scammers Say They are from Nigeria?”, looks at the scam from the scammer’s point of view. The scammers have a limited amount of time to scam, and must prioritize the most gullible victims quickly if they want to make money. Herley visualizes this problem as one of binary classification. Will a specific mark be profitable? If the scammers guess wrong, they either spend valuable time scamming for no gain, or dismiss what could have been a profitable mark.

To solve the problem, Herley places all of the variables into a mathematical model of how a scammer might act. He then uses a Receiver Operator Characteristic (ROC) curve, which, he says, is how the trade-off between two types of error is usually graphed. From there, he is able to determine exactly how a scammer should choose which people to scam. The answer, of course, is to find a way to accurately identify from a large sample of people those who will be prone to scamming. From the paper:

The initial email is effectively the attacker’s classifier: it determines who responds, and thus who the scammer attacks (i.e., enters into email conversation with). The goal of the email is not so much to attract viable users as to repel the non-viable ones, who greatly outnumber them. Failure to repel all but a tiny fraction of non-viable users will make the scheme unprofitable. The mirth which the fabulous tales of Nigerian scam emails provoke suggests that it is mostly successful in this regard. A less outlandish wording that did not mention Nigeria would almost certainly gather more total responses and more viable responses, but would yield lower overall profit. Recall, that viability requires that the scammer actually extract money from the victim: those who are fooled for a while, but then figure it out, or who balk at the last hurdle are precisely the expensive false positives that the scammer must deter.

It seems like common sense, but now at least there is proof that these scammers aren’t all actually Nigerians with poor English. Herley’s paper can be read (and understood if you enjoy math) in PDF form over on the Microsoft Research website. One question that remains, though, is whether the “Nigerian” scam started when someone created it to filter out all of the non-gullible people, or whether it was actually from Nigerian scammers, and just happened to catch on because of this unintended effectiveness.

First off, there are numerous grammatical errors in the body of the email itself. That’s always your first clue that an email like this is a fraud. Apple makes gazillions of dollars. They can afford to have people proofread the emails they send out. If you get an email from Apple – or any other major company for that matter – that reads like it was written by a sixth grade dropout, you can be sure it’s phony. Interestingly, though, email scammers don’t include grammatical errors because they’re idiots. They include them because the kind of person who catches grammatical errors is less likely to fall for an email scam. It’s a way of homing in on the easy marks. Here’s the text of the email:

Of course, if the poor grammar (“your loyalty for our products,” “eligible for buying“) doesn’t tip you off, the “opportunity” they offer should. They don’t say they’ll give you a $115 Apple Store gift card for participating (Apple gift cards don’t come in $115 increments, by the way), they say they’ll give you the chance to buy one for $10. Not only that, they offer to mail you the gift card four days after you pay for it. Right.

If you open the survey that’s attached to the email, here’s what you see. It’s a decent but unconvincing attempt at looking like an official Apple page, but the fact that it’s attached as an HTML file you have to download (rather than a link to a site with an Apple domain), is a major red flag:

Finally, at the bottom of the survey you’ll find the section where you enter your billing information. If you’ve ever paid for anything online, you probably have a pretty good idea of what is required to complete a transaction. In this case, you may notice that there are a couple extra fields:

Yep, not only do they want your standard information – name, address, ZIP, credit card number, expiration date, and security code. They also ask for your PIN, your card’s issuing bank, and, most alarmingly, your Social Security number and birthdate. In case you’re unclear on this point, there is no reason for any online retailer to ever ask for your Social Security number. Ever. At all.

That, of course, reveals the whole point of this email: this isn’t just a way to scam $10 out of people who think they’re getting a good deal on an Apple gift card. No, it’s a way to get enough information to commit identity theft.

Of course, Apple is all too familiar with this sort of scam. Last month they published an updated support page to help customers distinguish legitimate Apple emails from fake ones. This email fails several of the tests they list to identify real Apple emails: it includes an attachment, it asks for your Social Security Number, your full credit card number, and your credit card’s CCV code.

Unfortunately, scams like this are all too common. While there are all sorts of ways to identify scams, the best thing to do is to keep your wits about you and remember that if an offer – like $10 for a $115 gift card – seems to good to be true, it’s probably fake.

The scam spreads once FB friends of the victimized user click on the link that was posted on their wall, thus continuing the chain.

Candid Wueest is an employee at Symantec and explains that in the Uncle Scam likejacking scam:

“Even though it might appear that one of your friends has shared this link, he or she most likely did not do it knowingly. This is because whenever someone follows one of these malicious links, he or she ends up at an intermediate site on Facebook that will then load an “iframe” from a remote site. In this particular case, the remote site hosted four more scams targeting Facebook, each with different themes. The iframe loads an Uncle Sam image from a free image-hosting site and then asks the user to click on some part of the image. However, what the user doesn’t see is that the attacker has also loaded a Facebook site, but has modified it to be invisible. The hidden page that is loaded is the Facebook “Like button” page, which is conveniently placed under the mouse pointer of the user. Hence, when the user clicks on the colored bars of the image, he or she is actually clicking on the invisible Like button and consequently shares the attacker’s link with all of his or her friends on Facebook. (The same trick is attempted with an invisible “Share” button).”

PCWorld identified fbeditionrose.com, editionroseplus.com, and nouvelleroseplus.com as some of the sites people should avoid.

The article also detailed how there are several fake Facebook sites that request personal information for the chance to win free deals. These sights can be harmful in that they can infect your system with malicious code, recruit your computer into a zombie botnet, install software on your computer, and steal passwords or financial data.

The following YouTube video demonstrates how a user can be tricked into sharing potentially malicious links on their Facebook profile page.

To be safe, Facebook users are encouraged to Remain skeptical of messages posted in social networks, even if they are from friends. Users should aslo avoid downloading files or filling out questionnaires just to see a picture or a video.

Share you likejacking stories with us.

Darrell Bingham, 49, posed as an American football player and subjected his 21-year-old girlfriend to a six month hoax, in which he tricked her into performing sex acts using blackmail.

Bingham posed as “Grant,” an American football player, on Facebook, pestering the girl to send him topless pictures. When she naively complied, he began blackmailing her into performing sex acts on herself.

She told her boyfriend, Bingham, about the blackmail, who told her to continue, telling her it might be over soon. One day, he told her he had killed “Grant”, producing fake photographs as proof.

But Bingham wasn’t through with her yet. He then posed as “Chad”, a friend of the slain “Grant”, and continued to blackmail her, saying “Grant” had given him the photographs.

The girl broke down in her office one day over the ordeal. Concerned co-workers called the police, who traced the source back to Bingham.

Bingham has since been convicted of causing a person to engage in sexual activity without consent and has been sentenced to seven years in prison.

The girl had this to say after the whole ordeal, “I feel betrayed and heartbroken. When I found out it was Darrell I was absolutely devastated. He was the only person I could turn to and that is why it makes this ordeal so hard. He tortured me for six months.”

“From the moment I woke to when I went to bed, it was constant. I was so scared and frightened all the time I just didn’t trust anybody.”

Facebook has been used as a tool of deceit in the past, people posing as someone else to elicit sex or scam people out of money. Recently, a Pennsylvania man was charged with 68 felony counts after tricking underage girls into sex by using fake Facebook profiles to lure them in.

The most recent of these fake videos is one claiming to depict a roller coaster accident in California. Variations talk about it being in the United Kingdom, Australia or Universal Studios. Basically if it claims a roller coaster accident in the title it is a scam. No such video exists.

False Video Links like this have been cropping up on Facebook for some time now. Some other ones to watch out for are claims of a sex tape involving Justin Bieber or a supposedly embarrassing video of Rihanna.

Scammers tend to post “videos” that people will click on out of morbid curiosity. They want you to click without thinking.

The scammers earn money by driving traffic to certain sites. They get paid for each survey you unwittingly complete, or any product you purchase, or even just by compromising your Facebook account. Many are designed to spread malware or are linked to phishing scams, whose sole purpose is to obtain your personal information.

The best way to avoid these kind of scams it to not click on friends video shares at all, or just use some common sense to determine which videos are most likely fake. Look for videos that are designed to exploit that part of you that can’t help but watch a train wreck. If it looks gross, morbid, or involves sex, don’t click. If it links to a page that doesn’t appear to be a reputable news source, don’t click. Also watch out for the language usage in the description. Many make grammatical errors, or generally don’t sound like the way people talk.

Legitimate tax return prep offices and other businesses offers “refund anticipation loans”, whereby you have your refund sent to their bank account and they give you most of it in advance in cash. But, these kinds of services do place restrictions on who they will offer loans to, based on any tax offsets due, filing status changes from prior years, etc.

But, since these services are highly-advertised and have become commonplace, people are falling prey to scams that offer such services. These scams are blended with high-tech methods of phishing and information collection that go further than tax season. One scam even asks for your mother’s maiden name, which is a common identifier when resetting or revealing other passwords.

Learn more about these scams, how to spot them, and how to report them.

There was a certain Web site going around that claims to offer access to the Halo 4 beta. Let’s just ignore that Halo 4 has only had one trailer and Microsoft has been rather mum on it since. A beta isn’t completely out of the realm of possibility, but offering it to everyday gamers before releasing any information to the press is.

Now, David Ellis warned us of this fake beta a while ago via Twitter. That must have been enough to deter most gamers, but not all Halo players are on Twitter. They might not have heard the news and a Halo 4 beta would certainly make their day.

Well, the Web site was taken down after the press got a hold of Ellis’ warning. Best to get out of the scam business before it explodes in your face. Microsoft is forcing it to explode by filing a complaint against the Web site with the National Arbitration Forum according to Fusible.

Microsoft has a 99.9 percent chance to claim the domain name from the fraudster. It won’t be long before halo4beta.net becomes Microsoft property and can be used for the actual Halo 4 beta that will most likely precede Halo 4’s expected launch at the end of this year.

So as to avoid falling for such a scam in the future, remember these helpful tips regarding multiplayer betas. Betas are always announced by the publisher/developer proper before they are deployed for public play. Even if it’s a closed beta, there will be a press release or announcement of some kind. The Web site for a beta will also have links to the Web sites of the developer/publisher and are usually already tied into the Web site proper anyway.

In other words, the old saying remains true: If it’s too good to be true, it probably is.

In a post today on their twitter, Anonymous has said that Anonyupload has no affiliation with the site and they flagged it as a scam.

For those unaware, the site promised free file sharing among users and looked official. Only problem is that it’s hard to tell what’s official with Anonymous. They were asking for donations via PayPal to help buy server space and support the Web site proper.

Once again, it seems that people are using the Anonymous name to either make a quick buck or force innocent users to do their dirty work. Of course, we don’t know if Anonyupload is legit or not, but I wouldn’t take any chances until the site supposedly launches on January 28.

@YourAnonNews and @AnonyOps are generally good indicators of what is currently going on in the world of Anonymous. You would be wise to follow them for any official updates on this and other matters during their current operations.

CNET is reporting that there’s a new spam scam hitting Facebook today. The message is innocuous enough: Mark Zuckerberg has just sent an e-mail informing the lucky winner that they have won a free iPad.

Now the link to claim the free iPad doesn’t take people to Facebook, but rather a promotional Web site that claims to need your e-mail address, phone number and other account information.

If the “lucky winner” tries to claim their prize, they will be taken to a Web site that explains they are a potential winner. So we’re now going from winner to potential winner. To really win, you have to answer a simple question. It’s like if the lottery required winners to answer a random trivia question to claim their money.

The scammers aren’t all terrible people though, so they warn everybody that claiming the free iPad will add a small weekly fee onto your phone bill. At least they were nice enough to warn people in the smallest print possible.

Like always, the real reason for this is that the spammer gets an affiliate commission every time somebody is foolish enough to sign up for the contest.

As CNET points out, the best part is that Mark Zuckerberg apparently sent the e-mail via a hotmail account. Who still uses that anyway?

As with all these scams, use common sense. It’s highly unlikely that Apple and Facebook would give away free iPads. If it sounds too good to be true, it probably is.

[Lead image courtesy of Technologizer]

Now, that looks an awful lot like any other email you’d receive from Apple but there are a few clues that it’s fake (most phishing emails have these sorts of tells). The first and biggest is the link. Although it says “store.apple.com” in the body of the email, the link does not actually go to store.apple.com:

If you get an email from Apple or eBay or your bank that includes a link, the link will always include the actual name/official website of the company you’re visiting. If the link goes somewhere else entirely, it’s a fake. Case in point: store.apple.com. Of course, the best response to an email like this is to delete it, and manually navigate to Apple’s (or your bank’s, or whatever) website and log in to your account that way.

A couple other clues that the email is bogus: pretty much nobody threatens to shut down your account if you don’t update your billing information. You can have an Apple account with no billing information at all. They just won’t let you buy anything. Also, there are usually grammar tipoffs. For example, a legitimate email from Apple would probably not capitalize “Billing Information.” Finally, most direct emails will include either your personal name or your user name in the message greeting, as an indication that the message is legitimate. Thus, a legitimate email from Apple or any other site would say “Dear Bob,” or “Dear bobalicious75,” instead of a generic “Dear Customer.”

Long story short, don’t trust an email just because it looks legit. Read the text carefully for typos and weird grammar, and check the links. Better yet, ignore the email and log in to your account directly and see if there really is a problem.

[Source: The Mac Security Blog]