Tag Archives: South America

It’s All About the Backstory

If you’re going to do a scam, have a good backstory. Here’s how.

It’s from a Mrs. Sarah Welsh of 26 Kensington Court, London, W8 5DL, England who says in an unsolicited email that illustrates how best to do the old Nigerian email scam:

I am Mrs. Sarah Welsh, an English woman who is suffering from cancerous ailment. I am married to Sir Jim Welsh who also is an Englishman though dead now. My husband worked with the British Railways for over two decade before the cold hand of death took him away on the 23rd of July 2003 at about 2:00AM.

I am glad she still feels married to Sir Jim, despite the clammy hand of death. That’s loyalty for you. But this is good stuff; it sets up the story nicely, although perhaps actually giving the time of death might be a superfluous detail.

Unfortunately their decade-long marriage was without “any fruit of the womb.” This might have been because the late Sir Jim spent too much time on a very modest and narrowly focused effort “to uplift the down-trodden and the less-privileged individuals within the United Kingdom, Europe, North and South America, Africa and the rest of the globe as he had passion for persons who can not help themselves due to physical disability or financial predicament.” This must have taken up quite a bit of his time for pottering around in the garden. His widow, showing perhaps a trace of bitterness, says “I can adduce this to the fact that he needed a Child from this relationship, which never came.”

Anyway, this timeless sadness aside, there’s dosh. Ten million quid, to be precise. It’s not clear how a career with British Rail secured this kind of money but it might explain why British Rail had to be privatised. Sadly Mrs. W. is not going to be around to spend it, since “my Doctor told me that I have a limited or numbered days on earth and that my life span will not exceed 150 days due to the cancerous problems I am suffering from.” A precise doctor indeed. Still, that’s not what is really bothering Mrs. W. “What bothers me most,” she says, “is the stroke that I have in addition to the cancer.” Good little extra layer of ailment, though some might think it’s being laid on a bit thick. Anyway, here comes the denouement, better known as The Bit Where You Get Ripped Off:

Mrs. Welsh (shouldn’t she really be Lady Sarah, what with Sir Jim and all that? Points deducted for not knowing the English honours system) has decided to give the 10 mill to “a non governmental, or a non religious, and or a non profit organization or better still an individual, that will use this gift which comes from my husbands sweat to fund the upkeep of widows, widowers, orphans, destitute, the down-trodden, physically challenged children, barren-women and persons who prove to be genuinely handicapped financially.” Another tightly focused project, it seems.

If you were the suspicious reader you might wonder: Aren’t there other members of the family who could make use of this money? Mrs. W/Lady Sarah has already thought of this, and helpfully sets up another strand to the story: “I took this decision because I do not have any child that will inherit this money and my husband relatives are bourgeois and very wealthy persons and I do not want my husband Jim Welsh hard earned money to be misused or invested into ill perceived ventures.” Sounds like it’s not the first time that Sir Jim has bailed out his wastrel siblings and others from his side of the family. In-laws. A nice touch, bound to win over the most skeptical of readers. Who doesn’t have some ne’er-do-well relative?

Indeed, they are already proving a bit of a pest. Lady Sarah asks for help urgently to distribute this cash via the usual power of attorney, bank account numbers and transfer fee scam, but doesn’t want phone calls. “I do not need any telephone communication in this regard due to my deteriorating health and because of the presence of my husband relatives around me. I do not want them to know about this development.” A very good idea. They’re bound to be eavesdropping on the line in the spare bedroom, the leeches. (Not to mention the difficulty of disguising the fact that an elderly female member of the British aristocracy on the phone sounds a lot like a man with a West African accent.)

As Mrs. W. points out, “with God, all things are possible.” But a good back story helps. If you need one you can always copy it off one of the numerous websites collecting this kind of thing. Sir Jim’s has appeared on several, including here and at Scam o Rama, which helpfully organizes them according to ill person, cancer type, life expectancy, sum involved, purpose and location of money.

The Blogosphere (Tree)mapped

I was intrigued by this effort to count the number of blogs around the world and offer a break down by region, if not country. The results, though very rough, and which include large slabs of the world (like South America), offer up some interesting conclusions, particularly for Asia. Bottom line is that there is a huge chunk of the world blogging outside the English language.

Here, just the hell of it, is a rough treemap I put together of the data provided by The Blog Herald’s Duncan:


The overall total is in the 60 million mark (and of course this figure is open to questioning, as it was by my colleague at WSJ.com, Carl the numbers guy). The pink covers the very broad figure of those U.S-based blog hosters, and includes speculative figures for the UK, Australasia etc. Light blue is Asia — the bits too small to have their labels visible are for South and South East Asia, both roughly host to 1 million bloggers each, and the much smaller, redder boxes cover Russia, Africa and the Middle East. The darker blue box is France.)

Even if the South Korean figure is off, there’s still a striking element to all this, which I think sometimes gets lost in the blogosphere noise: Asians are blogging in their own languages in huge numbers, roughly equal to the ‘Anglophone’ world, and yet there’s very little crossover between these groups, or even among them. Worthy of a closer look, methinks.

Phishing and Keylogging – The Missing Link?

Here’s evidence that ‘phishing’ – the art of conning users into handing over banking and other passwords by fake, but convincing-looking emails and website — may have branched out into viruses and worms.

Symantec, McAfee and Sophos have published details of a new virus/trojan called Stawin (also known, because the anti virus people don’t seem to be able to standardise these things, as Keylog-Stawin, Troj/Stawin-or Keylogger.Stawin) which appears to have originated in Russia, and which, once installed, will sniff for any banking transactions from about 30 banks or online payment systems in the U.S., Australia and Canada, and will capture passwords and whatnot which it will then email, from time to time, to the hacker.

It does this via an email attachment with, usually, the title ‘I still love you’ — something that’s always nice to hear. If the email attachment — message.zip — is opened a small piece of software called a keylogger will install itself and look for the user opening a window with text in its title that matches any of about 60 different words, ranging from Westpac to Hyperwallet. The keylogger will record anything the user types into that window, store it, and occasionally email it to someone — apparently in Russia, since the email address is govnodav2004@mail.ru. (You won’t see this happening because the email is not sent via an email program but an inbuilt SMTP engine.)

The bad news: You don’t actually need to get the email version of this to be infected. Variants of the trojan could be received just be viewing a certain webpage, on an instant messaging chat network, or on a file sharing network.

Now we already knew, thanks to the work of folk like Daniel McNamara of Code Fish, that some phishing scam emails appeared to be trying to load keylogger trojans. But this seems to be the first industrial-strength one that targets a wide range of banks and online institutions. Says Daniel, who pointed it out to me: “This is certainly the first key logger one I’ve seen go to such lengths, particulary since it targets a wide range of English-speaking banks/financial institutions.” Most previous keyloggers, he says, tend to focus on one or two banks, usually from Asia or South America.

So is this proof that Russians are behind the bigger phishing scams? Or is this all just a ruse? That email address appears to be Russian, and not just because of the server.  Nick FitzGerald of Computer Virus Consulting says in a posting at SecurityFocus that he is informed by a Russian colleague that the email address is “rather crude if transliterated back into Cyrillic”.