Catching the Bad Guys:
Nigerian-style Internet scammers
The very first thing to understand about your communications with a scam network is that nothing they have told you is true.
The names, phone numbers, titles, addresses, documents, and stories are all lies. The scammer is seldom even in the same location or country as he or she claims.
You are led to believe you are corresponding with only one person when the emails may come from 2 or 3 scammers all pretending to be the same person
The reverse is also true - one scammer may pose as several people (attorney, government official, minister, etc.) when in fact the emails are all from the same scammer using different email addresses.
It is not the an email address, the text of an email by itself, or the phony documents sent in any one single scam committed by the criminal network that leads to an arrest.
It is a painstakingly gathered body of evidence and hours of following leads that provide information information to obtain an arrest warrant. The investigation can take weeks, months, or even years before sufficient evidence is gathered to indict the scammer or scammers.
The chances of arresting your specific scammer are very slim; however, that is not true of all scammers in an organized crime network to which your scammer belongs.
NOTE: Unlike the Mafia system, depending on his level of expertise and business abilities plus associations and influences, a Nigerian-style scammer* may belong to multiple organized scam networks.
*Nigerian scammers have developed, and continue to develop, scam networks worldwide, teaching local criminals how to perpetrate Internet fraud. Local criminals may put their own twist on a scam, but the basics remain the same, hence "Nigerian-style."
To understand the full scope of what is required to make their scams work, please read Scammer Group Activities: Methodology of the [Nigerian-style] scam.
Yes, scammers do get caught by law enforcement and if your scammer contacted you by email you have one of the most potent tools available for tracking down the criminal: the email itself.
For your report to be effective, a Scam Email Report must include the Full Header, which is the path the email followed across the Internet from your scammer's computer to your computer.
Emails travel from server to server across cyberspace, and each time a server forwards an email to the next server it's called a 'hop'.
Each hop is stamped, just like the post marks on the mail you get from the Post Office.
Think of a letter that travels from Post Office to Post Office from South Africa to Seattle, with each Post Office placing its postmark on the envelope and you have what we read when we look at the Full Header.
But even better than that, the first stamp can sometimes lead us to a specific address and a specific computer.
Scammers have learned to play a lot of electronic games with email headers to cloak their location, so volume is important - the more emails we have in our analysis system the better.
Please go here to learn how easy it is to file Scam Email Reports: www.fraudaid.com/find_headers.
The steps for many email services are accompanied by screen shots.
Recruitment to join the scam group: In some instances, scammers have been known to make attempts at recruiting those they cannot turn into victims or those they have engaged in a long-standing relationship such as a romance scam.
Should you receive emails with offers of enlisting you into the fraud ring, please contact our Law Enforcement Support Unit using firstname.lastname@example.org . Do not write this address for any other purpose.
Reshipper Scam victims sometimes have excellent information when they have been 'hired' to forward envelopes or find themselves performing multiple tasks for their 'boss'.
If you are a Reshipper Scam victim, please contact our Law Enforcement Support Unit using email@example.com Do not write this address for any other purpose.
Solid information about scammers: This is a short list of what we look for:
· Bank account numbers listed in the body of a scam email.
· US, UK, and Canadian-based land lines. Go here to make the determination: www.fonefinder.net.
· Web site addresses listed in the body of a scam email.
· A situation in which you personally met with the scammer within the 12 months prior to contacting us.
WARNING! If you have been targeted by a Nigerian or Eastern European scam, DO NOT seek out or try to arrange a face to face meeting with the scammer to provide information to law enforcement!
Scammers are well-trained criminals and will very quickly realize you are a fake.
This is dangerous to you because they are unpredictable criminals who can turn violent in heartbeat. On top of that, without a visceral understanding of the rules of evidence you will not know what to do correctly.
Zero Day malware is a piece of malicious code that has not yet been identified by your anti-virus or anti-spy ware program developers, meaning you do not have an update to cover it and your hard drive is not protected from it.
Rarely (but it does happen) a root kit is embedded in emails and is activated by your action of opening the email. A root kits downloads directly through your firewall and security software onto your hard drive where it can wreak havoc with your information and files.
These criminals are very nasty and far, far more experienced than you at conning people. It's what they do all day, every day. They will rapidly recognize your attempts at gaining information, will cease all correspondence, and may target you with malware.