Researchers at Proofpoint have discovered a phishing campaign that targets individuals interested in buying second-hand pianos, potentially earning the scammers over $900,000. The campaign, which began in January 2024, is ongoing and leads to an advance fee fraud scam. Victims are lured into making a small payment with the promise of receiving goods or services that never materialize. These scams, commonly known as 419 scams and primarily originating from Nigeria, exploit current events and concerns to trick victims.
The emails in this campaign specifically target students and faculty at colleges, universities, as well as other industries like healthcare and food and beverage services. The scammers offer free pianos under false circumstances, such as a death in the family, and instruct recipients to contact a fake shipping company to arrange delivery. The criminals request payment through various methods, including Apple Pay, Cash App, PayPal, or cryptocurrency, while also collecting personal information like mailing addresses and phone numbers.
Proofpoint researchers were able to track down one Bitcoin wallet used by the scammers, containing nearly a million dollars. The emails typically come from free webmail accounts and have similar text with minor variations. By engaging with one of the scammers through a redirect service, the researchers were able to identify their IP address and device information, linking them to cyber criminals in Nigeria.
The researchers advise individuals to be cautious of unsolicited emails that seem too good to be true, as they are likely part of a scam. Advanced fee fraud scams rely on elaborate social engineering tactics and multiple payment platforms to deceive victims. Vigilance and awareness of common scam techniques are crucial in protecting oneself from falling victim to such fraudulent schemes.