Tuesday, April 27, 2010
Have We Lost The Ability To Think For Ourselves?
The other day I saw an ad for an e-book about some magical way to cancel traffic fines or to get them refunded (I'm not going to mention the name of the book, because it is a load of hogwash and I'm not going to give it any form of exposure except for illustrating my point). For starters, some lines on the website were poorly formatted with some strange HTML coding. Certain pieces of the text were aligned to print over other pieces of text, making some parts of the page totally illegible. This was caused by some funny div-statements used by the web designer. (This guy obviously did not know what he was doing.) But it is not important to know what the web designer did wrong; it is more important to note that the seller of this e-book could not be trusted. Why? Because if he can't even format his website properly (or at least get someone to do it for him), how can you be certain that the owner won't steal your money and sell you a piece of junk looking like his website? But let's forget about the poorly designed website for a moment and focus on the product he was trying to sell.
This book will presumably help you to get your traffic fines cancelled or even refunded by exploiting flaws on parking and speeding tickets. The book is therefore aimed at traffic fines in general and not UNFAIR or INVALID traffic fines (as a matter of fact, the author makes no mention of the words UNFAIR or INVALID on his website). The site does not even contain a single encouragement to motorists to keep within the speed limit, to put money in the parking meter or to drive safely within the bounds of the laws of the road. No, the sole purpose of this book is to get traffic fines cancelled or refunded, whether you committed an actual offence or not. Now think about this for a moment: why should you buy a book to exploit the loopholes of the law in order to save money on traffic fines, if you can save money by just sticking to the law? In other words you don't need to spend a single penny to save money, you just need to use your damn brain. This book is actually encouraging reckless driving and should be banned. If you really exceeded the speed limit, for instance, why should you be able to get the traffic fine cancelled? You contravened a law and you should pay the fine (and don't give me that bull that loopholes in the law are there to be exploited). It is a whole different scenario if you were wrongfully accused of a traffic offence, but this is not what the book is about (or at least that is not the impression the site gave me). But the most disturbing fact is that there are people who will actually buy this book. Really, you've got to be brain-dead to buy a piece of junk like this! And this is why I ask the humble question, have we lost the ability to think for ourselves?
Have you ever wondered why people accept so many things and question so very little? I believe this is often the result of a fast-paced lifestyle, where there is no time to think about something; you need to make a decision immediately without contemplating. But can we blame our bad decisions on the pressures of modern-day life? Any normal person possesses the ability to reason, but it seems as if more and more people are losing this ability by the day. Are we really losing the ability to think for ourselves, or are we deliberately suppressing our ability to reason? I always ask myself these questions when I analyse scam e-mails and fraudulent websites, and most of the time I simply cannot understand how it is possible for a healthy mind to be swindled by obvious scams like these. And by obvious, I mean scams containing obvious and common signs of fraud and deceit.
I have to admit, not all scams are that obvious and it has to be mentioned that some of them are quite cleverly designed to look like the real thing. But the majority of scams contain telltale signs of deceit (whether it is a scam e-mail, a fraudulent website, an obscure ad in a magazine, a call from an unknown individual or a dishonest salesman). The main problem is, many people only accept the solution or promise presented by the scammer and never pay attention to the means by which the scammer attempts to solve the problem or deliver the promise. The driving force behind the success of almost any scam is money and greed. You need a combination of both to make a scam successful, and a greedy victim runs a greater risk of stepping into the trap set by the scammer without realising it. But greed is not the only factor; ignorance is another weakness exploited by scammers to improve their chances of successfully swindling their victims.
How long will we be able to use ignorance as an excuse? There is so much information about the latest scams freely available on the web. Financial institutions post warning messages and examples of scam e-mails on their websites, and some companies even communicate directly with their clients about the latest tricks and gimmicks used by scammers. With all this information at our doorsteps and sometimes even in our laps, how can we use the lame excuse of "I didn't know"? Computer illiteracy is also a stumbling block for many people, but computers have become part of our everyday lives and fewer people are computer illiterate these days. But there will always be a technological gap among computer users, because not everyone eats, sleeps and drinks computers. There will always be advanced and novice computer users, and the latter are often at risk of falling for scams where they don't comprehend the mechanics exploited by the scammer. But this can easily be remedied through a little bit of education. Most online banks and shopping sites have detailed guides and tutorials on the risks and signs of phishing, identity theft and other forms of fraud. These guides are often very detailed, but quite simple and easy to understand, with graphical illustrations and examples, specifically targeted at novice users. But advanced computer users should read these guides as well, because the fact that you know everything about computers does not make you immune to all forms of online fraud.
With all this information at our disposal, how is it still possible for some scammers to swindle their victims? I believe people are not taking the time to familiarise themselves with the risks of online fraud. If you don't know how to use the address bar of your browser, or why the address bar turns green on certain sites, or how to use your status bar to preview the address of a link, you are like a suicide bomber. It is like driving a car without the proper training: you are a danger to yourself and everyone around you. Like I mentioned earlier, the information published by banks and online shops regarding the methods used by scammers to swindle their victims is not that hard to understand (and for goodness sake, if you don't understand these guides, ask someone you trust to explain them to you). So if we have all the information about the techniques used by scammers and if they are easy to comprehend, why on earth do people still fall victim to these obvious scams? Simply because they don't read the information available to them. If your bank account was emptied by a bunch of crooks because you clicked on a link in some e-mail about updating your personal details or something like that, then you are either living on a different planet or you haven't been paying attention to the warnings communicated by your bank. Where have you been in the last decade or so? These scams have been an active threat to the online community for several years now, so how is it possible that you haven't heard of these scams before? Honestly, people need to wake up and smell the coffee! Open your eyelids and pay attention to your surroundings! Start to THINK for yourself and stop depending on other people to do it for you!
Unethical marketers are able to convince some people to buy stuff they don't need, simply because some people are like zombies, allowing outside influences to manipulate their thoughts. Scammers follow the same tactics: they force the victim into believing everything they say in their scam e-mails or on their scam websites. The promise of millions of dollars, a valuable object or the threat of suspension of your bank account is often so sudden (or promising) that people forget to think about the source of the e-mail or the means by which the scammer is communicating with them. The initial contact made by a scammer is a crucial point in the development of a scam. If you can't identify the scam early on, chances are that you won't realise you are being conned until the damage is already done. The only way to identify these scams is to use common sense and a bit of scepticism. I'm not saying you need to be over-suspicious towards every e-mail and phone call you receive, but you need to look very critically at every form of communication where you don't know the person on the other side. In other words, ask yourself the following common sense questions (where the answer to each question is obviously NO): Will the bank ask for my credit card number over the telephone? Will my bank send me an e-mail request to update my personal details? Will an official from another country contact a total stranger in connection with a multi-million dollar transaction? Will the Executive Director of the FBI use a free e-mail service to contact me about some scammers who MAY have contacted me in the past? Will a company like PayPal or Amazon make spelling and grammatical errors in their e-mails? If this is such a great business opportunity or such a revolutionary product, why haven't I heard about it before? Is it possible to make loads of money by simply distributing a chain letter received through the post? The list goes on and on...
You see, by asking a couple of critical questions you will soon be able to identify whether an e-mail, phone call or a letter in the post is a scam or not. It just needs a little bit of reasoning and common sense; there is no rocket science to it. But if you are too lazy to think for yourself, deliberately ignoring the warning signs of common fraud, then you deserve to be scammed!
About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, analysers of security software and raising awareness about internet fraud and malicious software.
Thursday, April 15, 2010
A Quick Look at Kaspersky Internet Security 2010
Installation and setup
Very easy and straightforward. Getting the application up and running is child's play and the process is fairly automated, meaning very little user interaction is required during the installation procedure. I have a little bit of criticism against Kaspersky Lab going the opt-out route regarding the participation in the Kaspersky Security Network. With "opt-out" I mean that you need to explicitly opt out from participation and I would like to see this the other way around. But at least Kaspersky Lab gives you the option to opt out, unlike other software developers who never even inform you of participation in their usage data collection programs.
Updates
The software updates itself quite often, with definition updates released several times a day. The software checks for updates on an hourly basis, but certain users report that actual updates are published every three hours on average. Nevertheless, Kaspersky Lab stays up to date with the latest threats and outbreaks, to the benefit of every user of their software.
User Interface
It is quite easy to use the software, making it an attractive option for novice users. Most of the components work out of the box and customising them is no rocket science. However, this can't be said of all the components. The firewall component is the least user friendly, and making changes to the firewall rules, to make it behave in a way that suits your needs, is an extremely frustrating and time consuming operation.
Performance
You won't need a monster PC to run Kaspersky Internet Security 2010, but you need at least 1 GB of RAM and a 1 GHz processor to run the security suite on Windows XP without compromising the overall performance of your computer (for Vista and Windows 7, double these figures to 2 GB of RAM and a 2 GHz processor). Of course you will notice a slight decrease in performance, but nothing major. With the processing power of today's standard office computers, you shouldn't have any trouble running the software on one of these.
Real-time Protection
This is where Kaspersky Internet Security 2010 packs the punch. This security suite boasts a whopping 13 different security components, each one of them providing tailor-made protection against specific types of threats. You are basically protected against malware (viruses, spyware, trojans, rootkits, etc.), network attacks, spam, phishing attacks, intrusive advertising through banners, and even your kids are protected against inappropriate content on the Web. There is more to Kaspersky Internet Security 2010 than meets the eye, and only a look under the hood can reveal the different levels of protection provided by this world class security suite.
Threat Protection Tests
This is the core of every security software review, in other words, can the software protect me when the pawpaw hits the fan? Malware tests were satisfactory, although it missed a couple of threats. Malicious files are isolated properly and accidental execution of a known threat is nearly impossible. The heuristic scanner is fairly clever too and the software defended itself perfectly when I tried to disable it by force.
The firewall fared well against the couple of leak tests I threw at it, but I was able to determine the computer's MAC address and the fact that it was up and running, with a simple port scan from another computer. The proper behaviour of a firewall in this case would be to hide the computer completely from an unauthorised computer, connected to the same network. The firewall detected and blocked the port scan, but it did not blacklist the offending PC, because it assumed that its IP address was spoofed. I would have liked an option to block the attacking computer completely, but hey, this is not a perfect world.
The spam filter is the only component in Kaspersky Internet Security 2010 that did not do so well during this review. At first I had loads of issues getting it to work in Thunderbird 2 and secondly, I discovered that there is no support for Thunderbird 3 at all (perhaps in the future?). The spam filter operates quite well in Outlook Express but the actual spam filtering left me wanting. I have to mention though, that the accuracy of the spam filter improved, after training it with more or less 150 spam e-mails, but even after all that training it still allowed obvious spam e-mails to come through. So it is disappointing to see a spam filter, with so much potential (Heuristic analysis, GSG technology for image recognition, analysis of RTF files and self-training text recognition with iBayes), struggling so much when it comes to actual spam filtering.
Value Added Protection
Like I mentioned earlier, during the discussion of the real-time protection, you also get a parental control and anti-banner component with Kaspersky Internet Security 2010. These components are disabled by default, because not everyone will have use for them. However, these simple tools are really impressive in terms of functionality; they do exactly what you would expect from them. The parental control component is easy to configure and very little configuration is needed, because it relies heavily on heuristic detection of inappropriate websites. Heuristic analysis is often something that delivers either a lot of false positives or false negatives, but the heuristic analyser of the parental control component is totally different: it is successful at detecting inappropriate sites, with very few false positives.
People with a vendetta against banner advertising will find the anti-banner component very helpful. Once again it relies on heuristic analysis to detect common banner sizes. The parental control and anti-banner components each have a white-list and a black-list, which can be used to explicitly allow (white-list) or block (black-list) specific websites.
Conclusion
Kaspersky Internet Security 2010 is a well-rounded Internet security package. There is most certainly some room for improvement in the firewall and spam filtering division, but apart from its faults, it still remains one of the leading Internet security suites on the market. I highly recommend it for home and office use.
To win the battle against cyber crime we need comprehensive protection against online threats. We need to take the necessary precautions to keep our computers free from malware and unauthorised access. In order to achieve this goal, we need the necessary protection on our computers BEFORE an attack strikes. An Internet security suite like Kaspersky Internet Security 2010 can help you achieve this goal.
One golden rule applies to computer security, prevention is better than cure!
About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, analysers of security software and raising awareness about internet fraud and malicious software. For more details about this security suite, read my in-depth review of Kaspersky Internet Security 2010.
Monday, April 05, 2010
Cyber Top Cops Is Back!
Those of you who know me well are aware of the fact that CyberTopCops.com is not my day job and that I'm a very busy man (I work and study at the same time). During this time I took on quite a lot of responsibilities at the firm where I work, which resulted in a lot of overtime. All of the overtime took a bite out of my study time and quite obviously all the study time took a bite out of my CyberTopCops time. To add insult to injury I also had to attend to some personal matters, so I had quite a lot on my plate during the last year and a half. So I hope all my supporters will understand and forgive me for not answering their e-mails (especially my good friend John Masters, thanks for your support during these tough times).
So have things changed all of a sudden? Well, to be honest, no. I kept CyberTopCops.com online because I wanted to come back and continue to fight cyber crime. I tried to make a comeback several times but circumstances prevented me from doing so. I have to mention though, that I did some work on the SHPAMEE project during this time, so even though it seemed that CyberTopCops.com stood still, some of the work continued to happen behind the scenes. I also expanded my PC lab with another computer and converted all my machines from Windows to Fedora Linux (except the one I use to review security software and analyse malware samples). A word of thanks to everyone who continued to submit malware samples, malware sites and spam samples during this time (another BIG reason why I kept the site up and running).
OK, so if things are still as hectic as before, where will I find the time to keep the site updated and write articles? Well I did most of my work during the last couple of public holidays we had over here in South Africa, so I guess I will wait for the next public holiday before I write my next article. No... just kidding. I honestly don't know. All I know is that the desire to return to cyber crime fighting has motivated me enough to do something about the problem. I guess I will have to manage my time a little better and perhaps get some help to keep the site up and running, but I'm a bit of a sceptic and prefer to work alone.
A couple of major events took place in the cyber security field during my absence. SpywareInfo.com expired and was sold to the highest bidder (and yes, not to a passionate cyber crime fighter but someone only interested in making as much profit as possible). The same happened to merijn.org (since it had the same owner as SpywareInfo.com). You can read more about this at DSLReports.com. Luckily the good people at SpywareInfo.com were able to continue their work at SpywareInfoForum.com and merijn.org moved to merijn.nu. PLEASE NOTE: The new owners of SpywareInfo.com and merijn.org have been using them for malicious purposes, so I do not recommend visiting them. But perhaps the biggest shock of them all was when Castlecops closed shop in December 2008. This was a huge blow to the cyber security community, but I'm sure most of the volunteers have already joined forces with other cyber crime fighting groups. So I guess it is clear I've been out of the loop for quite some time and I have some catching up to do.
I constantly witness cases where people fall victim to cyber crime due to a lack of education. People still walk blindly into the traps set by phishing scammers and malware developers. I recently helped a client to get rid of over 300 infections on a single PC (and another couple hundred infections on every other PC that was connected to the same network), just because they failed to install anti-virus software on their network. This was a classic example of how one PC can cause several infections on every PC connected to the same network. And believe me, the client was quite surprised when I explained the dangers of data mining, identity theft and keystroke logging, not even to speak of the possibility that their PCs were used as hosts for spam distribution.
People often think I exaggerate when I explain the dangers of malware and spam, but their views suddenly change when someone breaks into their bank account or if someone hacks into their e-mail account. The ignorance of most people continues to amaze me. With all the real life stories out there of people falling victim to cyber crime and all the warnings from banks and financial institutions, people still go about their day-to-day activities without taking appropriate precautions against these threats.
So how can we solve this problem? First of all, education (yes, I know I tend to sound like a broken gramophone, but one can never emphasise this too much), because education empowers our online community with the know-how to stay safe online without the use of fancy and expensive tools. I also believe mainstream media should play a more prominent role in the fight against cyber crime. We need more stories about victims of cyber crime in the most popular publications. I'm not sure about the press in other countries, but here in South Africa there is almost never a story about phishing incidents or 419 scams (many people over here still don't even know what it is) in our local newspapers or prime time news on TV. Why? Because these stories don't sell newspapers or keep viewers hooked to their TVs. Why? Because journalists don't see them as newsworthy. I realise you can't write an article on every murder, theft or kidnapping, but for goodness sake, make some space for cyber related crimes in your newspapers, magazines and news bulletins on TV and radio. We need to make people aware of these incidents, and by making people aware you call them to action to learn more about these threats and how to defend themselves against cyber criminals. Finally, we need better legislation and enforcement of those laws. It makes no sense to have perfect laws but no one who is willing and able to enforce them.
So CyberTopCops.com is back in action and I hope to bring you a brand new article once a week, however, I can't promise anything at this moment, but I'll do my very best.
About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, analysers of security software and raising awareness about internet fraud and malicious software.
Tuesday, September 02, 2008
How To Verify Whether a Suspicious E-Mail is a 419 Scam
The majority of 419 scammers conform to standard procedures (not standards) and send scam e-mails that can be identified quite easily by analysing these e-mails against a set of common 419 scam characteristics. However, you will always get the case where a scammer sends an e-mail that's out of the ordinary, one that contains absolutely no common characteristics of a 419 scam. It is in cases like these when you need to follow your gut feeling, which is quite easy if you analyse 419 scam e-mails on a daily basis, because you know how a 419 scammer's head works, but it is a problem for people who don't understand how these scammers operate. If you can't spot any common characteristics of a 419 scam in a suspicious e-mail, you will need cold hard facts to prove its fraudulent intent.
It is surprising to see how many people resort to the lazy way of verifying a 419 scam. What do I exactly mean by "the lazy way"? The lazy way is the quick "IS THIS A SCAM?" post on a discussion board or a social community website like Yahoo! Answers, while the answer is readily available through a search engine like Google or Yahoo. Always remember there are only a handful of people (mostly volunteers) who devote their time to battle online crime, so it is a waste of valuable resources if people simply resort to a quick and comfortable e-mail or forum post, to have the answer presented to them by someone else, if they could have found the answer themselves. Don't get me wrong, people should always ask around before acting on a suspicious e-mail, but you should only resort to assistance from someone else, if you are still unsure after looking for the answers yourself.
But there is another problem in asking for help without looking for the answers yourself. If you ask for help in the wrong places you can easily get the wrong answers. Only ask questions in places where you are sure you will get answers from experts in their fields. I can recall an incident in February 2008 where someone asked a question on Yahoo! Answers about the legitimacy of a website called dhl-postit.com. At this stage there were a couple of Romanian scammers who pretended to sell mobile phones to their victims and used fake courier websites to defraud people of their hard earned money. The website was initially reported to Cyber Top Cops by a victim(1) of this scam and I discovered the post on Yahoo! Answers while doing some research about the fraudulent website. I was shocked by the response to this question. A contributor called Gerry(2) told the original poster that the website was safe and that he dealt with them all the time. Gerry's profile is no longer active; he most likely got kicked from Yahoo! Answers because there is no doubt in my mind that this guy was the scammer himself. What kind of victim will vouch for a website that only defrauds people? The sad thing however is that the original poster believed him and found the response very helpful. The poster asked the same question in a different section of Yahoo! Answers and even on the second attempt, the poster still received a misleading and inaccurate answer. What lesson can be learned from this example? You should never act on the information found on one site only; you should always look for a second and third, yes even a fourth opinion, just to make 100% sure all the facts add up. If you are still not 100% sure about the e-mail or website, look for expert help.
The sad reality is that many people still don't know how to use a search engine, not even to speak of researching an e-mail scam on the Internet, so I will try to explain both in this article, but with the emphasis on finding scam related information on the Internet. I will be using information from a real 419 scam e-mail in my instructions below. For simplicity I will provide instructions for Mozilla Thunderbird as the e-mail client and Mozilla Firefox as the web browser. For the more advanced readers of my articles, please bear with me for a couple of moments; I know this is already common sense to most people, but believe me there are people out there who don't even know how to do a simple search on Google and I'm trying to reach out to them. Chances are good that most of my subscribers already know how to search for scam related information on Google, so if you know someone who has trouble finding stuff on the Internet, please refer him/her to this article; you might just save someone from falling victim to a 419 scam.
Let's say you received an e-mail from contactfbihq016@earthlink.net. To search for this e-mail address in Google, do the following:
1. Copy the e-mail address from the e-mail itself: Right-click on the "From:" e-mail address and select "Copy Email Address" from the drop-down menu.
2. Go to Google.com: Open your browser (Internet Explorer, Firefox, Opera, or whatever you use for browsing the web), type www.google.com in the address bar and press the Enter key on your keyboard.
3. Wait for Google to open and paste the e-mail address in the search box: Right-click inside the search box and choose "Paste" from the drop-down menu.
4. Now click on "Google Search" and wait for the search results to appear.
It is very unlikely that you will find anything for this e-mail address (at this moment), so let's repeat the process for the "Reply-To" e-mail address, fbiwashingtonfield@fedbureau-ofinvestigation.org. Once again, a search for this e-mail address will most likely deliver no results (except a link to this article perhaps, once a search engine has crawled and indexed this page).
The scam e-mail also contains an instruction to contact someone that goes by the name of Prof. Charles Chukwuma Soludo, so let's do a Google search for "Prof. Charles Chukwuma Soludo".
1. Copy the text from the e-mail: Select the text "Prof. Charles Chukwuma Soludo" from the e-mail, right-click on the highlighted text and select "Copy" from the drop-down menu.
2. Repeat steps 2, 3 and 4 above.
Among the search results you will find links to websites like 419.bittenus.com, 419scam.org, 419baiter.com and even Wikipedia. You are basically looking for proof that the name of Prof. Charles Chukwuma Soludo is being used in 419 scam e-mails. All four of the websites mentioned earlier will contain this kind of information. Remember, this does not mean that the real Prof. Charles Soludo is involved in any 419 scams; it merely proves that 419 scammers are abusing his name to add credibility to their fraudulent e-mails. If you can't find any useful information on a specific web page, simply hit the "Back" button of your browser to return to the search engine results page and choose another link from the results.
Scam e-mails also contain telephone numbers and secondary e-mail addresses, so you can do a Google search for them just like you did with the name of Prof. Charles Soludo. To test yourself, do a search with Google or Yahoo and see if you can find any information about +234-8054740218 and p.charles.soludo@centbnkingonlineng.org.
But how do you identify a fraudulent or fake website? If you want to analyse a suspicious website you need to do the following:
1. Look for common 419 characteristics: funny names and e-mail addresses, spelling errors, bad grammar, silly web design mistakes, etc. You will find more details about this operation in my article, How To Spot a 419 Scam.
2. Do a Google search for the website address and analyse the search results, just like you would do for a suspicious e-mail address (as already explained).
3. Copy a phrase from the website and do a literal Google search for this phrase (in other words, enclose the search phrase in double quotes).
4. Do a WHOIS lookup on the domain name for more information about the owners and the creation and alteration dates of the domain.
I already discussed points 1 and 2, so I will explain points 3 and 4 in greater detail below:
Do a Literal Search For a Phrase From the Suspicious Website
Why do a literal search for a piece of text from a suspicious website? The idea here is to find another website with the exact same phrase. This will help you to identify other websites containing the exact same content as the suspicious one. 419 scammers often scrape website content from legitimate and trustworthy organisations and pose as legitimate organisations to add credibility to their schemes. But they don't copy the content alone; they copy the layout and graphics as well. In other words, they create a complete replica of the original site and only change key elements like the contact details and sometimes the name of the organisation. But it is important that you search for a phrase that is unlikely to be published or syndicated elsewhere on the web. The phrase has to be a unique piece of text that contains no names, e-mail addresses or anything that has the likelihood of being changed by the scammers.
I know this is easier said than done and most people won't have a clue what to search for or how to analyse the search results. So to make things easy, just copy a piece of text from the home page of the suspicious site, paste it into a Google search box, enclose the phrase in double quotes and click on Google Search. Now look for websites with the same content, layout, graphics and overall design. Several websites with the exact same content and layout are often a sign of a 419 scammer at work. If you can find only one other website with the same content and layout, you probably stumbled across the original website (but this is never a guarantee; you will soon see why).
These search results are not always a clear-cut case and you should always keep the following in mind:
You may find the original website among the search results as well, so don't just assume that all of them are fraudulent.
The fact that you have found several copies of the same site, does not necessarily mean that they are copies of a legitimate or trustworthy site. 419 scammers can easily design a website from scratch.
The website ranked in the number one spot of the search engine results, is not necessarily the original website. 419 scammers can always use black hat search engine optimization techniques to outrank the original website.
You should never judge a website just because it has been copied on another domain. Content scrapers and plagiarists are all over the web and there are way too many variables to consider when it comes to content syndication. This method only forms a small part of the overall process of identifying fake and fraudulent websites and is never the deciding factor.
Do a WHOIS Domain Name Lookup
You may use any WHOIS service you prefer, but I suggest DNSStuff.com. Simply visit this site and enter the domain name in the WHOIS lookup box and click on the search button. You will be taken to a results page where you can view more information about the domain. There may be a lot of technical information for some users, but in most cases you only need to pay attention to the following:
The creation date of the website. If the website is relatively new, be on high alert. What do I regard as new? Fraudulent websites do not have a very long lifespan (on average, but this is not always the case). I normally use a safety margin of 3 months, but this is no guarantee at all, because a suspended website can always be reactivated after 3 months. The age of the website is merely a sign and is in no way a deciding factor.
Recent changes to the WHOIS records. This goes hand-in-hand with the creation date of the domain, so there is no need to explain this any further.
The owners of the domain. If it is owned by someone who lives in one of the 419 scam hotspots, it is most likely a fraudulent website. I discussed these hotspots in my previous article, How To Spot a 419 Scam. Scammers often provide fake personal information, so this is never a reliable source of information. Fortunately you get certain scammers who are stupid enough to tell the public where they live.
Do the owners use a privacy protection service like privacyprotect.org or myprivateregistration.com? You can determine this by looking at the contact e-mail addresses. It is normally a bunch of crooks who use these services, so it is yet another sign of a fraudulent website. (I'm not saying that you are a crook if you use these services, I'm merely referring to the fact that scammers prefer to use these services, because this enables them to hide their true identity. It remains a joke no matter how you look at it, because they provide false information anyway, so what is the use of hiding it?).
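The four WHOIS checks above (creation date, recent changes, registrant location, privacy-protection contact) as a small triage script. This is an added example, not code from the article or from DNSStuff.com; it reads the "Key: Value" layout that many WHOIS services return (not the only layout in use), and the hotspot country list and the 30-day "recent change" margin are the example's own assumptions.

```python
"""WHOIS triage covering the four points the article says to check: creation
date, recent changes, registrant location and privacy-protection contacts.
Added example, not code from the article or DNSStuff.com. It parses
"Key: Value" WHOIS text, one common layout but not the only one; the hotspot
list and the 30-day "recent change" margin are assumptions.
"""
import re
from datetime import datetime, timezone

NEW_DOMAIN_DAYS = 90        # the article's 3-month safety margin
RECENT_UPDATE_DAYS = 30     # assumed margin for "recent changes to the record"
# Assumed hotspot list: ISO codes for the countries whose dialling codes the
# companion article lists as the most common (South Africa, Benin, Nigeria,
# Netherlands).
HOTSPOT_COUNTRIES = {"ZA", "BJ", "NG", "NL"}
# Privacy-protection services named in the article.
PRIVACY_SERVICES = {"privacyprotect.org", "myprivateregistration.com"}
# Reference date for the constructed records below (the article's own date).
ARTICLE_DATE = datetime(2008, 8, 18, tzinfo=timezone.utc)

# Constructed WHOIS record of a fictitious domain showing all four warning signs.
SUSPICIOUS_RECORD = """\
Domain Name: EXAMPLE-BANK-PAYMENT.ORG
Updated Date: 2008-08-01T09:00:00Z
Creation Date: 2008-07-20T12:30:00Z
Registry Expiry Date: 2009-07-20T12:30:00Z
Registrar: Example Registrar, Inc.
Registrant Name: Domain Admin
Registrant Country: NG
Registrant Email: contact@privacyprotect.org
"""

# Constructed record of a long-established domain with an ordinary contact.
ESTABLISHED_RECORD = """\
Domain Name: EXAMPLE.ORG
Updated Date: 2007-11-02T08:00:00Z
Creation Date: 2001-03-05T00:00:00Z
Registrant Name: Example Hostmaster
Registrant Country: US
Registrant Email: hostmaster@example.org
"""


def parse_whois(text):
    """Collect 'Key: Value' lines into a dict keyed by lower-cased field name;
    the first occurrence of a repeated key wins."""
    record = {}
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z][A-Za-z /]*?):\s*(.+?)\s*$", line)
        if m:
            record.setdefault(m.group(1).strip().lower(), m.group(2))
    return record


def parse_date(value):
    """Parse the ISO-8601 timestamps WHOIS output uses, with or without a 'Z'."""
    dt = datetime.fromisoformat(value.strip().replace("Z", "+00:00"))
    return dt if dt.tzinfo else dt.replace(tzinfo=timezone.utc)


def triage_whois(text, now=ARTICLE_DATE):
    """Return the warning flags the article tells the reader to watch for."""
    rec = parse_whois(text)
    flags = []
    if "creation date" in rec:
        age = (now - parse_date(rec["creation date"])).days
        if age < NEW_DOMAIN_DAYS:
            flags.append(f"domain is only {age} days old")
    if "updated date" in rec:
        if (now - parse_date(rec["updated date"])).days < RECENT_UPDATE_DAYS:
            flags.append("WHOIS record changed recently")
    country = rec.get("registrant country", "").upper()
    if country in HOTSPOT_COUNTRIES:
        flags.append(f"registrant country {country} is a 419 hotspot")
    contact = rec.get("registrant email", "").lower()
    if contact.rpartition("@")[2] in PRIVACY_SERVICES:
        flags.append("registrant contact hidden behind a privacy service")
    return flags


if __name__ == "__main__":
    for name, rec in (("suspicious", SUSPICIOUS_RECORD),
                      ("established", ESTABLISHED_RECORD)):
        print(name, triage_whois(rec) or ["no warning signs"])
```

As the article stresses, every one of these flags is a sign and none is a deciding factor; the script only orders the record for a human reader.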
Another way to verify whether a suspicious e-mail is a 419 scam is to do a trace on the sender's IP address. This works a lot like a domain name lookup, except that it is called an IP-WHOIS (or IP Info) lookup; DNSStuff.com also provides this service. An IP-WHOIS lookup provides geographical information among other technical information about the IP address, so you basically do an IP-WHOIS lookup to determine the geographical location of the sender. If you have the geographical location of the sender you can easily tell whether the e-mail originated from a 419 scam hotspot. I'm not going into the details of doing an IP lookup because it involves the analysis of the e-mail header and many people don't even know where to look for it. So I will leave this for another article perhaps. I want to keep the methods in this article as simple as possible and I feel that I have already overstepped this boundary a couple of times.
If you have any questions about the methods discussed in this article, feel free to ask them in the comments section of my blog and I will do my best to explain.
(1) The person who reported the website to us, never responded to our follow-up e-mails, so I am not sure if this is the same person who asked the questions on Yahoo! Answers, but the fact that the report to Cyber Top Cops came on the same day as the question posted on Yahoo! Answers, makes me confident that this is the same person.
(2) It remains a mystery why Yahoo! never removed this question and the misleading responses from Yahoo! Answers, even after we reported Gerry to Yahoo! Answers. Perhaps he got suspended due to another contravention of the Yahoo! Answers Terms of Service.
About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, analysers of security software and raising awareness about internet fraud and malicious software.
Monday, August 18, 2008
How To Spot a 419 Scam
Brief Background of 419 Scams
This is a very brief description of a 419 scam and I will not even scratch the surface here. Several aspects of the 419 scam go beyond the scope of this article and I plan to discuss them in future articles. The 419 scam (Nigerian Four-One-Nine) got its name from the article of the Nigerian Criminal Code dealing with fraud. Scammers often demand upfront payments for dubious reasons like processing fees, legal expenses or to bribe certain officials, therefore the scam also became known as Advance Fee Fraud. A 419 scam starts with an unsolicited e-mail from a scammer promising a huge sum of money, but the scammer will create the impression that you need to make a couple of upfront payments before you can lay your hands on this non-existent fund. These upfront payments are normally a drop in the bucket compared to the huge sum of money you will receive in the end. This makes the scam very attractive to unwary and uninformed people who are desperate for some extra cash.
The Importance of Spotting a 419 Scam
Prevention is the most important reason behind the successful identification of 419 scams, but this is not the only reason. Registrars, hosting companies, Internet Service Providers and Law Enforcement also need to familiarise themselves with the common characteristics of 419 scams, because their support and cooperation play a huge part in the battle against 419 fraud.
Unfortunately, many registrars and hosting companies fail to take a stand against the fraudulent activities of 419 swindlers. Registrars refuse to suspend the domains of known scammers and hosting companies fail to enforce their Acceptable Use Policies (AUP). There is a reason why registrars and hosting companies are hesitant to suspend the accounts of 419 scammers... Money! These swindlers are their clients, so they are happy to host their fraudulent websites and support their spamming services. With some registrars unfortunately, you will never win, not even if you are Sherlock Holmes. They are simply ignorant of the 419 scam problem and do not care about the lives being destroyed by these scams.
To all the unethical registrars and hosting companies out there, don't tell me you have a hard time identifying Advance Fee Fraud websites. If you owned a grocery store, would you knowingly sell Marijuana to your customers? Perhaps that was a stupid question. If you don't mind hosting a fraudulent website, you will probably have no problem selling Marijuana to your customers. But what is the big difference here? If the cops catch you selling illegal drugs to the public, you can kiss your store goodbye, but it is a common misconception that the cops won't do a thing against a registrar who refuses to suspend the domain of a fraudulent website. The actual reason why registrars get away with murder is that complainants do not want to go through all the hassle of filing a complaint with the police, and the cops sometimes do not have a clue how to approach a case like this, even if there are laws you can use to your advantage. Yes, I am aware that your local police department won't have any jurisdiction over a webmaster in a foreign country, but even if they did, you are unlikely to get anywhere with a case like this if you don't have deep pockets, and the registrars know that.
I understand that registrars cannot go suspending domains left and right on a mere request or tip from the public, they have to conduct a thorough investigation before they can take any action. Abuse departments are swamped with fraud reports each day and on top of that I believe they get their fair share of false reports as well. Members of the public need to get their facts straight before reporting a fraudulent website to a registrar, this improves the turnaround time of abuse complaints and makes the work of the abuse departments that much easier. I'm not saying you must conduct a full-scale investigation (unless you feel the need to do so), simply take the time to gather all the evidence and present the information to the abuse department in a logical and organised manner. So many people resort to a quick e-mail like "Hey, check out this site, I think it is fraudulent." or "Hey, this guy sent me a fraudulent e-mail and this is his e-mail address, please take him out". Good, you raised awareness about possible fraud, but tell the abuse department why you think the website is fraudulent. Don't just send them an e-mail address of the suspect, send them a copy of the e-mail that was sent to you and don't just forward the damn thing inline, forward it as an attachment or include the full header of the e-mail along with the body. The abuse department will eventually find the e-mail address of the suspect in the copy that you sent to them.
Proper identification of 419 scams by members of the public will make these scams less effective and will eventually lead to a decrease in 419 activities. So let's take a closer look at the characteristics of a 419 scam.
What To Look For In a 419 Scam
The subject of the e-mail, as well as the name and e-mail address of the sender:
By analysing the name and e-mail address of the sender in conjunction with the subject line of the scam e-mail, you can easily identify a 419 scam before opening it. Spotting a 419 scam at first glance minimises the risk of falling for the scam and saves you time (you don't have to read through all the mumbo jumbo of the scammer). This also simplifies the task of reporting 419 scams to cyber security authorities.
Typical characteristics of subject lines, names and e-mail addresses used in 419 scams:
Scammers love to disguise their true identity with the names of high profile figures like State Presidents, Ministers, Ambassadors, Directors, etc.
Subject lines are often typed in uppercase letters only.
They use free e-mail services like Yahoo, GMail, Hotmail/Live, or a free ISP e-mail account. These free e-mail accounts are used in cases where one would expect an e-mail from an official e-mail address and surprisingly enough, there are still people who fall for this lame trick.
There is often an excessive use of formal and professional titles like Mr, Mrs, Dr, Barr, Sgt., Lt, etc.
Subject lines often have a false sense of urgency. See example (b) below.
The name of the sender is repeated in the subject line. See example (h) below.
Many scammers mistake the Subject for the From field and vice versa. Refer to example (q) below.
Generic greetings like, "My Dear", "Dear Beloved", "Greetings to you", "Dearest Brother" or "Dear Sir/Madam" are sometimes used as a subject line.
Many scammers are hypocrites who pretend to be devoted Christians and will use subject lines like: "GREETING IN THE NAME OF OUR LORD JESUS CHRIST", "My Dear Beloved in the Lord", "Goodness Of God Will Be Upon You", or "YOU ARE THE LORD CHOSEN ONE".
Subject lines contain notices about "Payments", "Lotteries", "Bank Drafts", "Compensation", "Funds" and other financial related terms.
The subject line often contains an instruction to contact a specific individual, department or organisation. For example "Contact my secretary", "Contact the fiduciary agent", "Contact the bank official", "Contact the ATM Department of..." or "Contact FedEx".
Scammers always come up with the strangest and most outrageous e-mail addresses, especially in scenarios where it is quite obvious that the e-mail account is fake. For example, a scammer pretending to be an official from the FBI will use a silly e-mail address like fbiofficial015@example.com. The FBI have their own domain and e-mail servers, so there is no valid reason for using an e-mail account from another domain, or a free e-mail service like Yahoo! or GMail.
It is common practice among 419 scammers to use an e-mail address that consists of a formal title, a name and surname. For example, Mr. John Doe will use an e-mail address like mrjohndoe@example.com.
It is very popular among 419 scammers to start their subject lines with the words: "From the Desk Of".
Lottery scams often have a reference number in the subject line. For example "Award Notice (Ref: LSUK/2031/8161/05)".
To illustrate the characteristics mentioned above, I included a few examples of subject lines, e-mail addresses and fake aliases used by real 419 scammers:
(a) From: Robert S. Mueller, III
E-mail: fbiauthorities@i12.com
Subject: FEDERAL BUREAU OF INVESTIGATION (FBI)
(b) From: Mrs. Inessa Gutseriyev
E-mail: SFI@netti.fi
Subject: An Emergency! Please Act Asap!!!
(c) From: Mr Fred Johnson
E-mail: fred.johnson34@yahoo.dk
Subject: GREETINGS!!Good News
(d) From: Lt. Gen. David Lee
E-mail: china@live.com
Subject: PEOPLE'S REPUBLIC OF CHINA
(e) From: FRED MOORE
E-mail: fredmoore@yahoo.com
Subject: CONTACT ATM PAYMENT DEPARTMENT ZENITH BANK
(f) From: Finance Nigeria.
E-mail: www.fmf.gv.ng@mail05.syd.optusnet.com.au
Subject: From the desk of: Dr. Shamsuddeen Usman
(g) From: Lottery Board
E-mail: smithzazaza@mtnloaded.co.za
Subject: YOUR EMAIL ID HAVE WON YOU MICROSOFT ONLINE LOTTERY
(h) From: Mr. Vincent Cheng
E-mail: mrvincent@yahoo.com
Subject: From: MR. V H C CHENG.
(i) From: mrwalterleoanard@accessbankngrplc.org
Subject: C .B . N PAYMENT ADVISED.(NOTIFICATION UPDATE)
(j) From: Mrs. Alice Jones
E-mail: internet@nuevoexcelsior.com.mx
Subject: Dear Beloved, PLEASE GET BACK TO ME
(k) From: Jubouri Omar
E-mail: jubouri_omar1@yahoo.co.uk
Subject: Request for Business Partnership
(l) E-mail: dhlworlddeliverydispatch05@gmail.com
Subject: PAYMENT OF YOUR FUND
(m) From: Seek Of God Ministry Church
E-mail: nmbsquad@debiansk.org
Subject: Rev Pastor mulla welcoming you to seek of god
(n) E-mail: highcomm1@sohu.com
Subject: FROM BRITISH HIGHCOMISSION
(o) From: MR. EDES ABEBE
E-mail: charity@stella.org
Subject: ARE YOU TRUST WORTHY?
(p) From: Dr. Henry Martins
E-mail: henrymartins@jobproposaloffer.com (Spoofed)
Subject: URGENT JOB VACANCY.......{IMMEDIATE RESPONSE REQUIRED}
(q) From: Warm Greetings From Nokia Company
E-mail: info@nokia.co.uk (Spoofed)
Subject: From Nokia Company
(r) From: DR. GREGORY DAVID
E-mail: phc.comm418@earthlink.net
Subject: FROM POLICY HARMONIZATION COMMITTEE.
(s) From: (SGT) Eric Yonenson
E-mail: yonenson_76@mindspring.com
Subject: Dear Friend
(t) From: BARRISTER.FRANCIS COLE ESQ
E-mail: myofficemail60@gmail.com
Subject: ABOUT MY LATE CLIENT .MR CHARLES JONES.
(u) From: BARR MIKE BEN
E-mail: chi_elor@yahoo.fr
Subject: CONTACT FEDEX EXPRESS COURIER COMPANY BENIN
(v) From: EURO-PW LOTTERY v6.0
E-mail: ryan.larson@ndsu.edu
Subject: PRIZE AWARD NOTICE
(w) From: frankegwu11
E-mail: frankegwu11@o2.pl
Subject: CONTACT MY SECRETARY FOR YOUR COMPENSATION
(x) From: Mrs. Kate Williams
E-mail: katewilliams_comp@yahoo.co.uk
Subject: Claim Your Bank Draft of $500,000.00
(y) From: Thomas Michael
E-mail: tbt40650@ucmo.edu
Subject: Reference Number 799BV90.
(z) From: CHARITY PROJECT
E-mail: SARAH@YAHOO.COM
Subject: With God all things are possible
This is not an exhaustive list of characteristics, but is certainly a collection of the most common characteristics found in the subject lines, e-mail addresses and names of 419 scammers.
Questions you need to ask yourself before analysing a 419 scam any further:
In order to answer these questions you need to open the e-mail and read its contents. At this point, you don't need to pay attention to specific details in the e-mail, you only need to determine what the e-mail is all about.
Is the e-mail an unsolicited and unexpected job, loan or business offer from an unknown individual?
Is it about a lottery or competition you never entered? (Remember: Having your e-mail address randomly drawn from a list does not count as a valid entry for a competition).
Have you received a huge donation from a non-profit organisation?
Are you appointed as the next of kin of a total stranger?
Do you need to help a foreigner to clear a consignment box, containing millions of dollars, declared as something else to a diplomatic courier service?
Is the e-mail supposedly from an American Soldier, doing service in Iraq, who discovered millions of dollars and needs to get the money out of the country?
Is the e-mail an unsolicited request to take care of orphans, send Bibles to a church or offer financial assistance to sick and hungry people in Africa?
Are you appointed as the beneficiary of a fund whose owner is currently dying of cancer?
Is the e-mail about the recovery of money or assets that were never stolen from you in the first place?
Have you been awarded an unsolicited bank draft for your philanthropic efforts?
Is the e-mail about an outstanding/delayed payment for a contract with some government, but you never entered into such an agreement or you never even conducted business with them at all?
If you answered YES to ANY of these questions, you are most definitely dealing with a scam.
Now ask yourself the following questions:
Did you expect the e-mail?
Do you know the sender in person?
Did the sender mention your name in his/her initial e-mail?
Does the sender have any other personal information about you (besides your name)? If so, did the sender supply a valid, trustworthy source of where he/she obtained the information?
If you answered NO to at least 50% of these questions, you are most likely dealing with a 419 scam.
Always remember the golden rule: if it sounds too good to be true, it probably is!
Analysing the contents of the e-mail:
If the name and e-mail address of the sender, the subject line of the e-mail or the story of the sender leaves you clueless about the legitimacy of the e-mail, you will have to analyse the contents of the e-mail in greater detail.
The following characteristics are telltale signs of a 419 scam e-mail:
The Reply-To e-mail address is different from the originating e-mail address. Scammers do this to ensure they receive your reply, in case their service provider shuts down their e-mail account. Some scammers will spoof the "From" e-mail address with an official e-mail address, like the Nokia.co.uk e-mail address showcased in example (q) and provide a free e-mail address in the Reply-To field.
If the sender does not provide a Reply-To e-mail address, he/she will specify an alternative e-mail address, in the body of the e-mail. In example (q) above, the scammer provided the e-mail address "thomas_claims2008@live.com" along with a telephone and fax number (+44 701 115 0131 and +44 704 576 7986 respectively). These numbers will obviously not belong to Nokia, but since they are in the U.K., the scammers cleverly chose to spoof the "From" address with a co.uk domain.
Sometimes the sender does not only provide a different Reply-To address, but also a completely different alias. The scammer wants to create the impression that you are sending your replies to a completely different person, but it is actually the same scammer operating both e-mail accounts, each one under a different alias.
The whole e-mail, or large portions of it, is typed in capital letters.
The e-mail starts with a generic greeting (as already discussed). Most scammers simply shoot in the dark when they distribute their scam e-mails, so they don't know your name and will therefore not mention it in the e-mail. (Never assume an e-mail is legitimate just because the sender knew your name. I have seen several 419 scam e-mails where the scammer already knew the name, last name and even the physical address of the recipient).
The sender pretends to care about the well-being of your family with greetings like: "Good Day, How are you today? I presume all is well with you and your family." Believe me, 419 scammers don't give a damn about your family, they are only trying to earn your trust by pretending to care. Other 419 scammers have an apologetic attitude right from the start, for example: "Dear, Please accept my sincere apologizes [sic] if my email does not meet your business or personal ethics."
The recipient of the e-mail needs to reply with personal details like his/her full name, telephone and fax number(s), residential address, birth date, gender, name and address of Next of Kin, banking details, occupation, marital status and nationality. Some scammers request a scanned copy of your photo ID, international passport or your driver's licence, so they are not only after a photo of yourself, they also want your identity number or social security number.
Scammers often request some ridiculous information from their victims. For example your e-mail address (they already made contact with you, why would they need your e-mail address again?), the country that you live in (even if they already asked for your residential address and/or nationality) or the amount of money that you won (in the case of a lottery scam).
The most common telephone numbers provided by 419 scammers are from South Africa (country code +27), Republic of Benin (country code +229), Nigeria (country code +234) and Netherlands (country code +31), but I've also seen telephone numbers from Sweden (country code +46), China (country code +86), Turkey (country code +90) and Malaysia (country code +60).
Scammers always put a lot of emphasis on keeping the knowledge of the prize money or inheritance fund strictly confidential. There is a good reason for this, they don't want you to talk to other people about this because someone might realise that you are being conned and inform you that the e-mail is a scam.
419 scammers insist on using Western Union or MoneyGram to transfer funds to them.
Scam e-mails contain loads of spelling errors and horrible grammar. However this is not a rule of thumb. Many 419 scammers have upped the standards and compose highly professional e-mails these days.
419 scams involve huge sums of money, but the victim normally shares in only a small part of this fund. However, the alleged fund is so huge that even a small percentage of the fund can mean millions of dollars for the victim. This makes the scam very attractive to the victims, even if they only get a small cut out of the deal.
Many 419 scammers create the impression that they have been in contact with you in the past and that they failed to transfer some huge fund to you on a previous occasion. It is really hard to believe that people will fall for such a lame story, because if you can't recall doing business with these idiots, why would you reply in the first place. This only proves that 419 scammers are capitalising on the weakness of greedy people.
419 scammers can sometimes be quite philosophical, for example they will say something like this in the introductory line of their scam e-mail: "This letter must come to you as a surprise, but I believe it is only a day that people meet and become great friends and business partners." Yeah, whatever! It is only a day that people meet and become scammer and victim.
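The signals listed above for the sender name and address, the Reply-To and Subject fields (the earlier list) and the message body (this list) can be turned into a simple defensive triage pass over a raw message. This is an added example, not code from the article; the word lists, the free-mail list, the placeholder domains in the constructed sample and the one-flag-per-signal weighting are the example's own assumptions.

```python
"""Heuristic triage of a raw e-mail against the signals this article lists for
the sender name and address, the Reply-To and Subject fields, and the body.
Added example, not code from the article; word lists, placeholder domains and
the one-flag-per-signal weighting are assumptions.
"""
import re
from email import message_from_string
from email.utils import parseaddr

FREE_MAIL = {"yahoo", "gmail", "hotmail", "live"}   # free providers named in the article
TITLE_RE = re.compile(r"^(mr|mrs|dr|barr(ister)?|sgt|lt|gen|rev)\.?\s", re.I)
MONEY_WORDS = ("payment", "lottery", "bank draft", "compensation", "fund",
               "prize", "award")
GREETINGS = ("dear beloved", "my dear", "dear sir/madam", "dearest brother",
             "greetings to you", "dear friend")
PERSONAL = ("next of kin", "passport", "banking details", "bank details",
            "date of birth")
TRANSFER = ("western union", "moneygram")
# Dialling codes the article lists as the most common in scam telephone numbers.
HOTSPOT_CODES = ("+27", "+229", "+234", "+31")

# Constructed sample in the style of examples (h) and (q); domains are placeholders.
SAMPLE_EMAIL = """\
From: "Mr. Vincent Cheng" <mrvincent@yahoo.example>
Reply-To: vincent.cheng.office@gmail.example
Subject: FROM: MR. V H C CHENG, PAYMENT OF YOUR FUND

Dear Beloved,

I presume all is well with you and your family. The board has approved the
release of your fund of US$8,500,000.00. Keep this strictly confidential and
send your full name, next of kin and banking details. Call my secretary on
+234 805 000 0000 so the Western Union processing fee can be arranged.
"""

# Constructed ordinary message for comparison.
CLEAN_EMAIL = """\
From: "Alice Example" <alice@example.org>
Subject: Lunch on Thursday?

Hi Bob,

Are you still free for lunch on Thursday?

Alice
"""


def domain_of(header_value):
    """Domain part of an address header, lower-cased ('' if absent)."""
    return parseaddr(header_value)[1].rpartition("@")[2].lower()


def is_free_mail(domain):
    return domain.split(".")[0] in FREE_MAIL


def plain_body(msg):
    """Concatenate text/plain parts; single-part messages return their payload."""
    if not msg.is_multipart():
        return msg.get_payload()
    return "\n".join(p.get_payload() for p in msg.walk()
                     if p.get_content_type() == "text/plain")


def triage_email(raw):
    """Return the list of article signals that fire on the message."""
    msg = message_from_string(raw)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = from_addr.rpartition("@")[2].lower()
    reply_domain = domain_of(msg.get("Reply-To", ""))
    subject = msg.get("Subject", "")
    body = plain_body(msg)
    low_body = body.lower()
    flags = []
    # Sender and Reply-To fields
    if reply_domain and reply_domain != from_domain:
        flags.append("Reply-To domain differs from From domain")
    if is_free_mail(from_domain) or is_free_mail(reply_domain):
        flags.append("free e-mail provider used by the sender")
    if TITLE_RE.match(from_name):
        flags.append("sender hides behind a formal title")
    # Subject line
    letters = [c for c in subject if c.isalpha()]
    if letters and sum(c.isupper() for c in letters) / len(letters) > 0.8:
        flags.append("subject line is in capitals")
    if subject.lower().startswith("from the desk of"):
        flags.append("subject starts with 'From the Desk Of'")
    if any(w in subject.lower() for w in MONEY_WORDS):
        flags.append("subject mentions payments, lotteries or funds")
    if re.search(r"\bref\w*[:.]?\s*[A-Z0-9/-]{6,}", subject, re.I):
        flags.append("subject carries a lottery-style reference number")
    words = from_name.replace(".", " ").split()
    if words and words[-1].lower() in subject.lower():
        flags.append("sender's surname repeated in the subject")
    # Body
    first_line = next((l for l in body.splitlines() if l.strip()), "").lower()
    if first_line.startswith(GREETINGS):
        flags.append("generic greeting")
    if any(n.startswith(HOTSPOT_CODES) for n in re.findall(r"\+\d+", body)):
        flags.append("telephone number from a 419 hotspot country")
    if "confidential" in low_body or "secret" in low_body:
        flags.append("insists on confidentiality")
    if any(t in low_body for t in TRANSFER):
        flags.append("asks for Western Union / MoneyGram")
    if any(p in low_body for p in PERSONAL):
        flags.append("requests personal identification details")
    return flags


if __name__ == "__main__":
    for label, raw in (("sample", SAMPLE_EMAIL), ("clean", CLEAN_EMAIL)):
        flags = triage_email(raw)
        print(f"{label}: {len(flags)} signal(s)", *flags, sep="\n  ")
```

Each flag is one of the article's telltale signs, not proof; a single hit on a word like "fund" in an ordinary business message is expected, and it is the accumulation of signals that matters.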
Characteristics of specific types of 419 scams:
Lottery Scams nearly always have a line that reads something like this: "...winners were selected through a special internet ballot system from 40,000 individuals and companies E-mail addresses." Some Lottery scammers put it like this: "...draws was [sic] carried out through random sampling in our computerized E-mail selection machine TOTAL from a database of over 1,000,000 Email addresses drawn from all the continents of the world,and the Globe divided into Zones."
Most Lottery Scams have a silly disclaimer like this: "NOTE:You are to keep all lottery information away from the general public especially your Winning numbers. This is important as a case of double claims will not be entertained and will amount to disqualification of your already won prize."
In many Next of Kin Scams you miraculously have the same last name as the deceased, however the scammer quite conveniently forgets to mention the last name of the deceased in the initial e-mail. The trick here is to get the victim to reply with his/her personal information and then use the last name of the victim on the forged death certificate and relevant documentation.
Although it is not a rule of thumb, most Company Representative scammers offer 10% of their "income" to their victims. For some reason they like to use 10%, but I have seen scams where they only offer 5% and other, "more generous" scammers who offer up to 30%.
An Inheritance Fund Scam normally involves a corrupt banking official who allegedly stumbled across an abandoned account of a deceased billionaire, or it is someone who can't access the inheritance of a family member due to various reasons. The scammer often needs your help to get the money out of his/her country.
Inheritance Fund Scammers often provide links to news articles to back their facts (or should I say lies). For instance a scammer will use a plane crash as a basis for his/her story and provide links on a news site like CNN.com.
In a Bank Draft Scam, the scammer refers to a previous deal that failed and now you have to contact his/her secretary because he/she left you a bank draft and hasn't been able to send it to you, because he/she is busy with other "investment" projects.
Some Inheritance Fund Scammers pretend to send you the money via a pre-paid Visa or Maestro ATM card.
The Job Offer Scam normally involves a job in a foreign country, so the victim has to apply for a visa. This is how the scammers make their money. Victims have to pay a small fee to a certain company who will arrange the visa for them. I refer to a small fee because the fee is normally a little dust particle compared to the remuneration being offered to the victim.
The Compensation Scam often involves scammers who pretend to work for the United Nations or the FBI. These scammers pretend to compensate victims of 419 scams. How lame can you get?
ATM Card Scammers pretend to be very kind by paying certain processing fees and a drug law clearance fee on your behalf. The drug law clearance fee is supposedly to certify that the money issued in your name does not stem from any money laundering activities. This is only a bluff and the scammers are merely trying to give their victims peace of mind. They can cook up any bloody certificate, but you will still be an accomplice in money laundering if you assist them in moving funds through your bank account.
419 scammers, using the story of the soldier in Iraq, who discovered a huge sum of money, always have some obscure plan to get the money out of the country. The most common one is transport via a diplomatic courier who has diplomatic immunity.
Several 419 scams about some kind of pending payment will state something like this: "...we were notified that you have waited for so long to receive this payment without success, we also confirmed that you have met all statutory requirements in respect of your pending payment."
Diplomatic Immunity Payment scammers often use the lame excuse that electronic fund transfers have resulted in payments being made to incorrect bank accounts, so they are shipping you the money in cold hard cash. These scams often contain a notice like this: "Note: The money is coming on 2 security proof boxes. The boxes are sealed with synthetic nylon seal and padded with machine." The scammers often claim that they declared the contents of these boxes as "Sensitive Photographic Film Material".
Some Inheritance Fund scammers allocate the funds in the ratio of 60% for the scammer, 30% for the victim and 10% for processing fees.
This is by no means a comprehensive list of 419 characteristics. Most of the specific details in this article will become outdated as time goes by. Today, many 419 scammers claim in their initial e-mail that they have paid the upfront fee on behalf of the victim. Many victims will bail out when the scammer mentions an upfront payment, so the effectiveness of these scams declined over time and the scammers had to improvise. However, these fools will mention some kind of payment at some stage in the scam and vigilant people will bail out once again.
419 scammers never conform to any kind of standard, so it is hard to lay down a rigid set of rules for identifying 419 scams. 419 scams are just like any other kind of spam, there are millions of spammers out there, but a lot of these spammers use the same templates and techniques. After a while the templates and techniques become common knowledge and the spammers need to find new and innovative ways of infiltrating our mailboxes and our minds.
One thing that will keep up with the evolution of 419 scams is common sense. No one will ever be able to teach you all the tricks in the book, because there will always be at least one trick you didn't think of. Reading between the lines, being vigilant and applying a bit of scepticism towards e-mails from an unknown source, can be a very effective weapon against online fraud.
No 419 scammers were harmed during the writing of this article.