February 09, 2006Rule #3 Lives!
Spam Wars readers know that Rule #3 of spam is "Spammers are stupid." An advance-fee (419) spammer/scammer sent one of the usual appeals to me via my contact form. The message was from the ever-present Mariam Abacha (not really, but hers is a popular name among Nigerian 419 scammers)—the real Mrs. Abacha's late husband was a dicator...blah...blah...blah.
Submitting spam messages via forms of this type—rather than by traditional email—is nothing new. Bloggers who allow open comments have been fighting spam form submissions for a long time.
Whenever a message arrives here via the form, I like to think that a human actually filled out the form, but in the case of something like this, I know better. I can't imagine that anyone in his or her right mind would bother to take the time to send a 419 message to a Web site that ridicules these scams left and right. And lest one think that this message was sent maliciously, I'm reminded of Hanlon's Razor, which says:
Never attribute to malice that which can be adequately explained by stupidity.
The sender was definitely from Nigeria (as logged by the form processing software), but it was probably some guy sitting in an Internet cafe.
There was, however, something striking in the message. Beyond the fact that a good portion of the message lacked any kind of logic or even a good indication of what my cut of the $10 million transfer would be, there was this statement in the list of "conditions":
4. You will be ready to pay US$800Dollars only for stamp duties fee.
What's interesting to me about this is that it's the first time I recall seeing a 419 scam message that openly admits that the scammee will have to fork over some up-front dough. Perhaps this note helps weed out the respondents who complain bitterly at first about having to front any money. The ones who respond to this new appeal are self-selected to be immediately open to sending funds to Western Union offices in Nigeria. I can tell you, however, that this won't be the only fee that will need to be paid. I've seen real examples of how these scams can extend for months while the scammer comes up with all kinds of excuses (always some bank's fault) to extract some more hundreds and thousands of dollars, with no end in sight—except for the end of funds available to the victim.
I've already said too much, and have put my windfall into jeopardy because I just violated one of the "conditions:"
2. This deal must be kept secret forever, and all correspondence will be strictly by email / telephone, for security purposes.
Oh, yes. Unencrypted email sent to your yahoo.co.uk address is sooo secure. And telephone? Dear "Mrs. Abacha," don't the newspapers sitting around the Internet cafe have stories about NSA eavesdropping here in the States?
I'd like to think that resorting to sending a message in this fashion to a single recipient is a sign that 419 scammers are not getting the response from email like they used to. Thus, in my dreams, scammers are having to look to other, less efficient ways to hunt down potential victims. The form processing software is something that the hosting service for this site provides to all customers if they want to use it. Even so, I believe the sender would have had to cull the form submission URL from the Contact page's HTML source code (the URL references a template that I named, so it's not some default value), meaning that it's harder to look for this type of URL than it is to harvest email addresses from Web sites. Maybe someone is selling a list of those URLs to spammers. Not a high-value proposition, IMO, because it's a lot of trouble to reach a single individual who is probably more experienced and scam-savvy than the typical 419 victim.
If these clowns want to waste their time, then I don't mind taking a one now and then for the team. The time they spend working on my fruitless 419 appeal is time they can't spend finding a gullible victim.Posted on February 09, 2006 at 04:45 PM