BBC: Old Scams Made New
This is a column for a BBC World Service piece. It’s not Reuters content.
Of all the scams you’d have thought the old ‘I’m a general’s widow and am sitting on a whole pile of cash I want to share with you” one would have gone away by now. But it hasn’t. The scammers are now recruiting church organists.
Take, for example, LinkedIn, the business networking service. Think Facebook but for suits. People use to flaunt their resume only in the hope of winning contracts, promotions, job offers and to share trade gossip with others. Companies use it to recruit, promote themselves etc. And so do scammers.
They make a fake profile, add a fake photo, and then start inviting potential victims to connect to them. Once connected, they approach marks with the usual ‘I’ve got lots of money tied up in a bank and i want to share it with you if you’d only send a bit my way to help me grease some bankers’ palms.’ They can also now mine your address book and connect to your contacts and do the same to them.
I was recently approached, for example, by a lady called Alisha, who claimed to work at a dental clinic (the giveaway there: she called it a detal clinic),by Qatari billionaire Sheikh Faisal Bin Qassim Al Thani (email address sheikfaisalbinalthani at gmail.com) and before her recent troubles by the now deposed prime minister of Thailand — Yingluck Shinawatra, not the other one — who could be reached at angeleena rosa 1967 at yahoo.com.
Why do I know these folk are not for real? Well, one red flag is a limited number of connections: 67 in Alisha’s case, 127 in the Sheikh’s and 56 in Ms Yingluck’s. But each was able to reach me because despite the relatively measly number of people they’d persuade to accept their invitation to connect were contacts of mine.
I knew it was getting serious when I was approached by someone claiming to be a manager at Standard Chartered. Let’s call him Mr Christopher to save some blushes. Mr. Christopher claims to have 10 years’ experience in banking and finance management — and, most impressively, more than 500 connections. Among them a colleague, a CEO at a local energy group and the finance director of an Indonesian company. He even has a Facebook page.
These scammers are putting in the hours.
But even then, these scams aren’t really that hard to spot.
Usually a glance at the profile is enough. A guy called Nigel Rozzell, for example, approached me, ostensibly from NatWest Bank. (It turns out there really is a Nigel Rozzell who works for Nat West Bank, but I’m pretty sure his email address isn’t Natwest Nigel at accountant.com, which is what this profile had.)
And if I still wasn’t sure, I could search google for images that look like his mug shot — it’s actually easier than it sounds. And sure thing, the headshot of fake Nigel Rozzell belongs to an engineer who works on rail projects in Qatar.
And our bank manager friend Mr Christopher, with the 500+ connections and the Facebook page? After I recklessly accepted his LinkedIn invitation he offered me half of 9,649,400 pounds he said he was about to get his hands on. My confidence in him deflated when I discovered via Google that his mug shot belonged to that of the organist at a church near Bristol, who was none too pleased when I told him his visage being used as part of a scam.
Now, LinkedIn to their credit have taken down all these profiles. And they defend their failure to stop these profiles ever appearing or gathering steam by saying that it’s basically up to users to be careful who they link to and to report anomalies. They also say they see no spike in these kinds of scams.
But the truth is that scammers like networks and networks don’t police themselves. It took me anything between 10 seconds and two minutes to spot these scams, but I’m a nerd. That vetting process that could easily be automated. LinkedIn should, in my view, try doing that. I’ll miss rubbing shoulders with deposed prime ministers, billionaire sheiks and church organists, but I’ll suffer for the greater good of keeping scammers off my buddy list.
[Update: Got another scam this morning, from a Douglas Mattes, who once again had 500+ connections and a quite well populated profile. And whom actually I thought might be legit as I hadn’t looked at the image which belongs to one Shaun Goeldner. I’m frankly unclear how these profiles work — are they legitimate accounts hacked or built from scratch?]
[Update: Is this all part of some Iranian spying scam? ]