Proofpoint uncovers orchestra of AFF scammers using piano ruse

Researchers at Proofpoint have discovered a phishing campaign that targets individuals interested in buying second-hand pianos, potentially earning the scammers over $900,000. The campaign, which began in January 2024, is ongoing and leads to an advance fee fraud scam. Victims are lured into making a small payment with the promise of receiving goods or services that never materialize. These scams, commonly known as 419 scams and primarily originating from Nigeria, exploit current events and concerns to trick victims.

The emails in this campaign specifically target students and faculty at colleges, universities, as well as other industries like healthcare and food and beverage services. The scammers offer free pianos under false circumstances, such as a death in the family, and instruct recipients to contact a fake shipping company to arrange delivery. The criminals request payment through various methods, including Apple Pay, Cash App, PayPal, or cryptocurrency, while also collecting personal information like mailing addresses and phone numbers.

Proofpoint researchers were able to track down one Bitcoin wallet used by the scammers, containing nearly a million dollars. The emails typically come from free webmail accounts and have similar text with minor variations. By engaging with one of the scammers through a redirect service, the researchers were able to identify their IP address and device information, linking them to cyber criminals in Nigeria.

The researchers advise individuals to be cautious of unsolicited emails that seem too good to be true, as they are likely part of a scam. Advanced fee fraud scams rely on elaborate social engineering tactics and multiple payment platforms to deceive victims. Vigilance and awareness of common scam techniques are crucial in protecting oneself from falling victim to such fraudulent schemes.

Unlock your business potential with our expert guidance. Get in touch now!

silenced-gagged-secret-Michael-adobe.jpg

Post Office Criticized for Deleting Comments on IT Scandal from Social Media

Whitehouse-fotolia-scaled.jpg

When Leaders Overlook Cybersecurity Guidelines, the Entire System Suffers

Police-crime-2-adobe.jpg

Police Digital Service Board Director Resigns Months After CISO’s Departure

surveillance-CCTV-facial-recognition-Gorodenkoff-adobe.jpg

Essex Police Reveals ‘Incoherent’ Facial Recognition Evaluation

chatbot-1-fotolia.jpg

Podcast: RSA 2025 – Navigating AI Risks and the CISO’s Role

hybrid-cloud-storage-fotolia.jpg

Trump’s Visit Strengthens Saudi Arabia’s AI Initiatives

threat-management-fotolia.jpg

Security Tests Uncover Major Vulnerability in Government’s One Login Digital ID System