Even in this day and age, online fraud-spewing PC killers are still trying to push users into a hot fuss by using 419 schemes to spread their scams like sawdust.
The latest twist on the theme that’s sure to make you shout?
Attackers are now using social networking sites to find victims who somehow pass themselves off as DJs to find and attempt to take advantage of their quarry.
According to a report filed by researchers at Symantec, these latest “advanced fee” scams are specifically combing Facebook and other Web 2.0 properties for aspiring DJs, then creating targeted 419, or Nigerian attacks aimed at tapping into the involved parties’ desire to find fans of their work online.
“Since it is likely that such people usually want to be found and are proud to be DJs, it is quite easy for an attacker to create a very targeted user list for his scam,” researcher Candid Wueest said in a blog post on the AV giant’s Web site. “Simply browsing and comparing dedicated user interest groups can reveal all of the necessary information.”
Once armed with some information about their targets, such as what region they may live in or what type of music they play, the attacker sends the individual a highly targeted e-mail posing as an event promoter seeking new talent to replace a last minute DJ cancellation.
After making contact via Facebook or whatever social network they’ve found their target on, they offer the aspiring DJ paid airfare and hotel accommodations and a performance contract, typically in some desirable destination like Miami, all in a very believable manner, the researchers said.
But of course there is a hitch. The scammers ask the targeted individual to pre-pay a sizeable deposit to guarantee their participation and protect against another last minute cancellation.
After the fee is paid via Western Union, the scammer then, predictably, disappears with the loot.
“This is just another example that demonstrates how publicly available information in social media networks can help fraudsters to construct very convincing lies,” said Wueest. “So, whenever you are offered a deal in which you have to pay some fees in advance through unusual ways, your alarm bells should start ringing. Don’t let the 419 scammers spin you like a record.”
Dead or alive, these 419 scams somehow keep cycling like so many dancehall LPs.
Like a record baby, right round, round round.
Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.
