« Fractured English Tales | Main | Watch Out For This eBay Phish »
Home | The Book | Training | Events | Tools | Stats |
January 08, 2006
A Hoot of a Bogus LotteryWith all the TV ads here in the U.S. about Publisher's Clearinghouse soon to be rushing up to someone's front door with a poster-sized $10 million foamboard check, the lottery scammers of the world have a well-oiled public here waiting to win something for nothing. It's that time of year when a lot of consumers are feeling the hangover from the holiday gift-buying binge, and a surprise windfall would really ease the agony.
I fear that enough recipients of a bogus lottery win scam email I saw today will respond, and end up with less money than before the message found its way into their inboxes. At the same time, a critical eye on (and behind) the message finds it to be more than comical. For, you see, the lottery scammer even highjacks resources from a firm that has a number of consumer complaints against it. More about that later.
The scam in question has been around for awhile, although some of the details have changed. This one is called the British Web Lottery. If you are foolish enough to view the images embedded within the message, you'll find things like an animated Union Jack flag, a spinning globe, and [get this] an image of the United Kingdom Coat of Arms. The coat of arms image, as the HTML code behind the message reveals, comes from that amazing font of online information, Wikipedia. I mean, with a royal coat of arms, it's gotta be legit, right?
Anyway, compared to earlier versions of this message from 2005, it appears that the British Web Lottery office has moved from its previous digs in London to the north:
BRITISH WEB LOTTERY
P.O.Box 1010
Liver pool, L701NL,
United Kingdom.
Ref: BWLW/67451/01
Batch: 01/14/31711-3 FROM: Walter Jones, CONTROLLER
I don't believe that many Liverpudlians would put a space between "Liver" and "pool." As you'll read on, however, this scammer may be from the shallow end of the gene pool.
Next comes some blather about being government licensed under the Data Protection Act. It even includes a Data Protection Act registration number (beginning with a zed).
Now things get interesting. An image in the message shows a handwritten signature above a red-inked rubber stamp that says "APPROVED." I can't completely make out the signature, but it looks to be by someone named Carl A. Sherman (the last name is not particularly clear). This isn't the Mr. Jones from whom this message claims to be, but it's easy to understand why: the image is highjacked from a Web site of a company that has lots of folks complaining that they didn't get their free [fill-in-the-blank-with-the-latest-hot-gadget] after filling out information forms or sending the shipping/handling fee. We'll hear from Carl again in a moment.
We finally get to the meat of the message. First of all, it's formatted in HTML with so many fonts, sizes, and weights, that it looks more like a first-time HTML author's exploration into Fun With Web Page Design. I'll save you the frightening layout and show you just the first part of the text:
We happily announce to you the draw (#994) of the BRITISH WEB LOTTERY,online sweepstakes international program held on Sat 19, Dec 05, Your e-mail address attached to ticket number:56475600545 188 with Serial number 5368/02 drew the lucky numbers:
04,09,10,19,24,37,
(bonus no.+28 ),
which subsequently won you the lottery in in the 2nd category i.e match 5 plus bonus.You have therefore been approved to claim a total sum of £500,000.00{Five Hundred Thousand Great Britain pounds Sterlings}
In cash credited to file KPC/9080118308/02.This is from a total cash prize of £500,000.00{Five Hundred Thousand Great Britain pounds Sterlings}shared amongst the {10} lucky winners in this category i.e Match 5 plus bonus.
Two things.
- December 19th in 2005 was a Tuesday, not a Saturday. I think that was true in the U.K., even with the time zone difference.
- I tried doing the math on how ten lucky winners could win a £500K prize from a £500K total cash prize, but my trusty HP calculator only flashed "42."
The next large section of the message is a simple form. Not a Web-type of form. Just field titles with a bunch of periods forming dotted lines. Among the useless bits of information they request are next of kin, occupation, and a repetition of lottery information they already put in the beginning of the message (one of the fields is titled "REFENCE NO"). Then I'm asked to contact Mr. George simmons [sic] at a yahoo.com address or one of three U.K. telephone numbers. Mr. simmons, by the way, is supposed to be the "Foreign Services Manager, Payment and Release order Department, LONDON, UNITED KINGDOM." Ah, maybe they still have a London branch despite the move to the Liver pool. Or maybe Mr. simmons didn't want to move north. We'll never know for sure.
The letter signs off "sincerely" with another signature image and "Walter Jones, CONTROLLER." Oh, the written signature is the same one from Carl mentioned earlier, but this time the rubber stamp stuff has been removed. This image, too, is highjacked from the site that many consumers have loved to hate.
Very near the bottom of the message is an image that U.K. residents might recognize. It's an advisory that you must be 16 or over to play or claim a prize. The image is directly from the real U.K. National Lottery Commission Web site. It's the same image that appears on the real site's home page. Surrounding the image is an active link that leads to the real site. The "official-ness" of this imprint in the email message, however, would be lost on virtually every non-U.K. recipient.
If, after all this, you still weren't convinced that this email congratulations was real, the clincher comes at the very bottom, in red type:
WARNING!!! ANY MAIL RECIEVED OF THIS SUCH WITH ANY OTHER TRADE MARK OR ADDRESS SHOULD BE FOWARDED TO THIS BOX IMMEDIATELY, THIS WILL HELP US TO FIGHT SCAM AND LOTTERY IMPOSTERS. THANK YOU FOR YOUR ANTICIPATED CO-OPERATION
Aside from the tortured English and misspelling (except after "c"), it turns out that this disclaimer is pretty popular. Among lottery scam letters, that is. Google turned up three pages of matching Web citations and 64 sightings in fraud and email abuse newsgroups. There were no Google matches when spelled correctly. It reminds me of the phishers who replicate the target institution's Web pages so well that they keep the fraud and spoof warnings even on the bogus pages. Would a crook tip you off that he might be a crook? Absolutely because it adds legitimacy to the bogusity.
If you understand that, your grey matter is now in the shape of a Möbius strip.
Remember that the big red flag distinguishing lottery scams from real lotteries or jackpots (where legal) is that the scam ones always manage to make you the winner of something you didn't even enter. If you follow up with these clowns, you'll first be asked to wire them funds to take care of insured shipping (yes, many hundreds of dollars to ship you a check) or deposit some of your existing money to open a foreign bank account to accept a direct transfer. This is money that you'll never see again because there is always something in the lottery "bylaws" (uh-huh) that prevents expenses from being deducted from the anticipated winnings.
The only way to really win in this lottery scam is to delete the message immediately.
Posted on January 08, 2006 at 01:10 PM