When was the last time a Nigerian prince delivered millions to your bank account in exchange for performing a small favor? If you’re like most people, chances are the answer is “Never”. After all, why would someone you don’t really know demonstrate such astonishing generosity?
But you may be surprised to learn that “Nigerian Prince” scams ensnare more people each year than you might otherwise guess. In fact, the most recent FBI-run criminal probe charged 80 people worldwide who allegedly stole at least six million dollars from businesses and vulnerable senior citizens, including a woman who lost more than $200,000.
Here’s how “Nigerian scams” go down.
What is the Nigerian scam?
Nigerian scams, sometimes called “419” or “advance fee” scams, began in the 1990s.
Here’s how it works: The scam artist makes contact with an unsuspecting target. Using social engineering, the scammer convinces the target that he is wealthy or connected. Then, after establishing a relationship, the scammer fakes an emergency and asks for financial assistance. The target obliges and supplies his bank account information. The scammer promptly drains the account and disappears.
What is an example of a Nigerian/419 scam?
When these scams first appeared 30 years ago, they were easy to spot. The con artist, posing as a Nigerian prince—hence the name—would immediately ask for funds rather than try to establish a personal relationship first. A poorly written email might say that the prince desperately needs help because the Nigerian government is holding his money hostage. If only the target could please send bank information for fees and bribes, then the “prince” could escape—and in exchange, share part of his vast fortune with the target.
Unfortunately, con artist tactics have evolved. In fact, a robust and surprisingly open online community of scammers share tips and software programs that help them steal funds. Instead of that sketchy email from yesteryear, fraudsters now use everything from online dating platforms to false invoices to get their foot in the door. Once a target believes that a fraudster is a legitimate person, he strikes—and that’s when so much can go wrong.
Modern approaches used by Nigerian scammers include:
A scammer will study a business for months and get a company employee to click a link sent through email. The link delivers malware to the employee’s computer that might record keystrokes or screenshots. The scammer then impersonates a fellow employee or a contact from outside the business, often sending a authentic-looking invoice and requesting immediate payment. They may even go so far as to set up websites that look real so that anyone checking could be fooled.
Psychology Today reports that scammers are more likely to target adults over the age of 45 because they’re more prone to be lonely. A fraudster might set up an online dating profile and connect with a potential target. After spending weeks or months seemingly getting to know each other, the fraudster asks for help—and, of course, the target willingly complies.
Verify the veracity of any email that asks for funds to fight an African dictatorship, especially if it requests your account number to withdraw funds.
If you’ve ever bought or sold anything on a website such as eBay, beware. A fraudster may insist on sending you a cashier’s check or money order for more than the agreed purchase price and request that you wire him the difference. Because it can take several days for a bank to recognize a fake check, you could lose thousands of dollars.
How can I protect myself from Nigerian/419 scams?
There are several ways you can protect yourself from Nigerian scams:
Don’t give people you don’t know sensitive information
That includes bank account and routing numbers, logins and passwords, and your social security number. Scammers can use this information in identity theft scams, which is sometimes a follow-up crime to the Nigerian prince scam.
Check the sender’s identity through reverse lookup
Set up second identification methods
“We are finding that two-factor authentication, like a key fob, app or text or email code, is most secure and user-friendly,” said Michael Jacobi, a network computing industry veteran with over 25 years of cybersecurity experience. That way, even if a keystroke log records your typing, you can still ensure the security of your accounts.
Don’t fall prey to excessive flattery or reveal too much
The AARP advises its members to “take it slowly.” Avoid sharing sensitive personal details online and never send anyone you don’t know money or revealing images, no matter how sincere they seem.