Sophos – Ladonna, Lekisha, Solange, Maggie, Lorri, Clorinda, Estefana, the list goes on..
I’d like to thank all of you for your kind (unsolicited) offers to start a relationship.
I would *like* to thank you, but it turns out that you haven’t just been suggesting some sexual hankypanky to me, but – judging by our spam traps – plenty of other internet users as well.
(Oh, and my wife might have some questions to ask about it too.)
Just take a look at some of the enticing subject lines we have seen whizzing across the internet in the last 24 hours or so..
Here’s how the emails typically read:
Hey,
My name is Clorinda. Shortly about myself – playful, wild and free.
I’m writing cuz I want to meet u man and I wanna meet u|think that u are hot and I would like to know more about u. Maybe it will be an interesting conversation and this is it, maybe it’ll be interesting to have some closer relationships, who knows, right? Give it a try!
I would be really happy if you’ll send me ur answer, ok?)
Here’s another example:
Hello, it’s Lavonia.
The reason why I’m writing it is simple: I’m looking for a man to spend my vacation with.
I love listening to music, dancing, watching action films, I also really enjoy skiing!
Oh yeah, I also enjoy sex. It’d be better to say that I fucking love it! I am pretty sure that u r not against sex, r u?)
It is so exciting for me and I really dunno what to expect from you) Please, write me back as soon as u can)
All the messages had JPGs attached, showing images of scantily-clad young women in suggestive poses. Here is just a handful of the photos that we saw attached to the emails:
The message headers appear like normal Yahoo emails but if you look carefully the Reply-To is not pointing back to Yahoo.
From: Lavonia_xxxxxx <[email protected]>
Reply-To: Lavonia_xxxxxx <[email protected]>
Subject: You gotta see it!
What is happening here?
The hackers have most likely harvested the images from social networking sites and other websites in an attempt to add a little colour to a rather common-or-garden dating scam.
They are also spoofing Yahoo email addresses in an attempt to add legitimacy to the messages.
Why are the messages being spammed out?
Well, normally the emails are just the first stage in an elaborate scheme to:
- Trick you into handing over your personally identifiable information (PII) to allow for identity theft.
- Trick you into wiring the nubile young female some money. “Can you pay for my plane tickets so I can visit you?” / “My elderly mother needs hospital treatment” once the virtual romance has begun to blossom.
- Recruit you into a money laundering operation. “Can you transfer some money for me from A to B?”
Don’t be fooled into thinking that romance scams like this aren’t much of a threat. In 2011 it was estimated that scams like this cost US victims $50 million, and such scams have even driven their victims to suicide in the past.
The motto of interacting with the internet should be “If it looks too good to be true it probably is!”
Leave a reply
