Hace algunas semanas recibí un mensaje de Linkedin preguntándome si me
importaría recibir y gestionar 49 millones de libras. Generalmente ignoro este
tipo de mails, o simplemente les echo una rápida ojeada para ver qué tipo de
nuevos cebos están utilizando para engañar a aquellos que son demasiado
confiados o demasiado ambiciosos. En este caso, sin embargo, decidí seguir el
juego a ver cómo evolucionaba dado que el estafador se había tomado la molestia
de crear un perfil de linkedin, establecer conexiones, dejar pasar un tiempo y
finalmente iniciar la campaña de envío de mail. El mail inicial no era especialmente
elaborado, puesto que únicamente solicitaba que si se estaba interesado en
trabajar gestionando e invirtiendo esos 49 millones de libras ajenas, se
enviara un mail a chang09e@gmail.com.
De esta manera, el estafador podía continuar su actividad desde Gmail una vez
linkedin deshabilitara su cuenta ante los previsibles avisos de los usuarios.
Como digo, decidí contestar y manifestar mi interés por la oferta con la intención
de ver qué técnica estaba usando el estafador. Al cabo de unas horas recibí la
siguiente respuesta:
Thanks for your
email. I'm Elizabeth Chang. You were contacted
on behalf of Terry Wong former personal assistant to the former President of
Taiwan Mr. Chen Shui-Bian on private matters. An investment was placed under
his care 5 Years ago, He need assistance in investing this funds into good use.
So I would want to know if you're willing to assist him if so I would provide
you with more details on the matter.
Best regards
Después de que
respondiera a este mail solicitando más detalles sobre esta gran oportunidad,
la respuesta que recibí fue la siguiente:
Thanks for your
response and request for more details.
The information
contained therein is not to be disclosed due to the sensitive nature. It is for
your knowledge only. Mr. Chen Shui-bian is in a difficult predicament with the
Taiwan Government because of his role in politics and the ruling government has
sworn to ruin him because he sponsored a major party against the ruling
government with his Influence.
However, let me give
you some basic details.
Firstly, you must
know that this transaction consist of changing the rights of the funds in
question to your ownership and afterwards transferring same to you for
immediate management/investment in long term profit investment.
Secondly, it is
imperative that the most valuable criteria to qualify you for this transaction
is on the basis that you are practically, financially and technically qualified
to handle and manage such an amount of money. That is not negotiable. This is
because of the basic requirements and confidentiality agreement I signed with
Mr Chen Shui-bian.
This is a brief on
the Placement:
Value of funds: £49
MILLION GBP.
Placement open to:
INDIVIDUALS/COMPANIES.
Areas of Investment
Interest: HEALTH, REAL ESTATE, COAL MINING AND CONSTRUCTION.
Purpose of Funds:
LONG TERM INVESTMENT (AT LEAST) 10-15 YEARS
Client's Full Name:
MR. CHEN SHUI-BIAN.
I have been directly
contacted as a confidential secretary by Mr Chen Shui-bian to recruit a foreign
partner under whose identity the funds will be transferred. For your benefit of
doubt, the objectives are to change the entire identity of the funds to your
ownership as the beneficiary. The funds will be transferred to you ASAP. My
duty is to ensure that the beneficiary documents for this transaction is by all
means satisfied and within the ambit of local/international laws. I am entirely
responsible for the facilitating of the beneficiary documents that will put you
in place as the beneficiary of the funds. Thereafter, you will therefore be
legally qualified to receive the funds into your business/personal bank account
for investment and management purposes only.
Consequently, we may
commence without delay once we have been able to secure your trust and
partnership. The funds will be ready for transfer to you as soon as we have
established a reasonable degree of trust with each other once you have
satisfied the basic qualification requirements. Mr Chen Shui-bian demand utmost
confidentiality as regards his involvement with the funds in question. If you
agree to partner with Mr Chen Shui-Bian, he will compensate you with 20% of the
total sum for your role as the beneficiary partner to the funds and the balance
80% will be invested on behalf of my client by you.
Nonetheless, in
order to commence the re-direction of the funds to you, we will require that
you submit the following information listed below:
Have You In Your
Entire Life Handle Funds Worth One Million GBP Before?
What Is Your Annual
Turnover?
Will You Be Able To
Travel Outside Your Country If Need Be?
Full Names:
Address:
Occupation:
Office Phone No:
Mobile Phone No:
Country:
Scanned copy of your
ID either international passport or drivers license.
The above
information will enable us to determine your qualification for receivership and
subsequent placement of the funds to you. The data will also be used in the
drafting and preparation of all the vital paper documentations in your
particulars before the funds can be transferred you in liquid cash.
As it stands out,
these are the briefs of this proposal. I will be sending you a "Consultant
Non-Disclosure Agreement" for you to read carefully and sign as soon as I
receive the above information's.
You can ring me on
my private telephone number indicated below for comprehensive verbal
communication and explanations.
I await your email
and response.
Después de
recibir esta respuesta no pude dejar de pensar, ¿pero habrá gente que realmente
se pueda creer todo esto y picar el anzuelo? Utiliza algunos trucos muy básicos,
como indicar que se puede contactar telefónicamente en el número indicado para
dar mayor sensación de confianza, aunque luego no indican ningún número de
teléfono.
Después de
contestar enviando datos ficticios, recibí como respuesta el siguiente mail:
Thanks so much for
your email. I would need you to forward this informations to Mr. Terry ( terrysaitakw@gmail.com ) he would provide
you with every other information you require to get the funds. Thanks once
again.
Esto sí que era nuevo para mí
y no tenía ningún sentido. ¿Por qué hacerme enviar los datos a una nueva cuenta
de gmail? Se me ocurren los siguientes motivos:
1.
Realmente
hay más de una persona detrás del fraude y tienen divididas las tareas,
ocupándose los primeros del contacto inicial y pasando luego el contacto al ‘segundo
nivel de soporta al fraude’. Me parece improbable.
2.
Un
nuevo truco para generar confianza en la víctima que tiene la percepción de
estar tratando con una organización aunque el estafador tras ambas cuentas sea
el mismo. Esta hipótesis me parece la más probable.
En cualquier caso, le hice
el forward al tal Mr. Terry y esta fue la siguiente respuesta recibida:
Now I am certain
that you are willing to give the required assistance. Let me reiterate here
that I seek an assistance from you that will benefit us immensely that is why I
am sending you more information to enable you have an in-depth and total
understanding of this transaction before we commence.
I want you to
understand that we are only going to deal with each other in this transaction
as you already know Mr. Chen Shui-Bian is jail. By this I mean, this
transaction is confidential between me and you. This is so because of the
present circumstances surrounding the owner of the funds Mr. Chen Shui-Bian.
And as such, I expect that we keep every dealing entirely confidential between
us.
Find enclosed with
this message, a Non-Disclosure Agreement between my humble self and you. You
are advice to download, print out read and sign the agreement.
As soon as you send
back the signed agreement, I will begin the process of securing the beneficiary
documents in your names.
I will be expecting
the signed agreement, please send back signed page via email attachment.
Sincerely
Tras recibir este
mail pensé que aquí acababa la cadena. El supuesto PDF incluía un regalo no
deseado en forma de malware y éste era el método con el que el estafador
monetizaba la campaña. Pero no, resultó que el PDF no tenía ningún malware y
simplemente simulaba un NDA. Así que lo devolví ‘firmado’ y este fue el
siguiente mail que recibí:
Thanks for the
signed agreement, I am glad that we have reached an agreement and this gives me
a big sign of confidence in you, I am obliged to give you some useful
information's that you alone would be privy to and you alone I insist.
I had to reach out to Mr. Chen Shui-bian personally over some issues and get certain facts straight. As you know Mr. Chen Shui-bian and his family are in difficult predicament with the Taiwanese Government.
Firstly, you must acknowledge that this transaction is a deal and it has to be treated as such and every information's from you and I must be kept confidential, you must not communicate the origin of this transaction to any third party, I am only trying to assist a friend to relocate his funds valued £49 MILLION from the present location without Taiwanese Government awareness because of his political problem.
Secondly, you must understand that the £49 MILLION is NOT directly in my possession; it is currently deposited in the name of an existing legal entity and Mr. Chen Shui-bian cannot directly access the funds because of his present political predicament otherwise the Taiwanese Government will also confiscate the funds and that is why he privately seek your assistance to help him move the funds from the present location for investment in your country. I am assisting him in my own private capacity to help him move the funds from the present location and the Government is not aware of my assistance to him.
The £49M in question is presently deposited as a secured vault deposit with a Private security Bank in London, United Kingdom where some top government officials and politicians keep their money while they are in public office for security and confidential reasons. A vault deposit is not like a regular bank account because a regular bank account can be traced and investigated easily and could put my client into serious trouble or even death penalty in Taiwan because it is forbidden for top government officials to hold such bank account. I do not need to emphasize this point.
As soon as I secured the beneficiary documents that will empower you to the deposit, I have forward your information to Mr. Chen attorney to draft the necessary beneficiary documents in your favor; I will be sending you copies when they are ready on after i obtain it for your safe keeping.
Kindly acknowledge the receipt of this email.
I had to reach out to Mr. Chen Shui-bian personally over some issues and get certain facts straight. As you know Mr. Chen Shui-bian and his family are in difficult predicament with the Taiwanese Government.
Firstly, you must acknowledge that this transaction is a deal and it has to be treated as such and every information's from you and I must be kept confidential, you must not communicate the origin of this transaction to any third party, I am only trying to assist a friend to relocate his funds valued £49 MILLION from the present location without Taiwanese Government awareness because of his political problem.
Secondly, you must understand that the £49 MILLION is NOT directly in my possession; it is currently deposited in the name of an existing legal entity and Mr. Chen Shui-bian cannot directly access the funds because of his present political predicament otherwise the Taiwanese Government will also confiscate the funds and that is why he privately seek your assistance to help him move the funds from the present location for investment in your country. I am assisting him in my own private capacity to help him move the funds from the present location and the Government is not aware of my assistance to him.
The £49M in question is presently deposited as a secured vault deposit with a Private security Bank in London, United Kingdom where some top government officials and politicians keep their money while they are in public office for security and confidential reasons. A vault deposit is not like a regular bank account because a regular bank account can be traced and investigated easily and could put my client into serious trouble or even death penalty in Taiwan because it is forbidden for top government officials to hold such bank account. I do not need to emphasize this point.
As soon as I secured the beneficiary documents that will empower you to the deposit, I have forward your information to Mr. Chen attorney to draft the necessary beneficiary documents in your favor; I will be sending you copies when they are ready on after i obtain it for your safe keeping.
Kindly acknowledge the receipt of this email.
Me encanta lo de “this gives
me a big sign of confidence in you”. J
Y por fin, tras contestar a
este mail recibí el mail pidiéndome que ingresara cierto dinero para que
pudieran poner a mi nombre los fondos de Mr. Chen:
Thank you for your email, I called the mobile number you provided but I can seem to be able to reach you. I am still battling to get the change of beneficiary from Mr. Chen's lawyer because he is requesting for 5,640 pounds to get the documents and I told you prior to this that you will be responsible for all administrative and lawyer's charges which includes Mr. Chen's lawyer because all eyes and the Government are still monitoring our moves in that regime so please try and understand the situation i am in now and to let you know that Mr. Chen's family are in serious financial predicament so that is why we want to repatriate the fund and use it for a good purpose to generate fund for their well being so let me hear from you regarding the payment for the lawyer so that i can furnish you with the account details.
CHINA MERCHANTS BANK
(SHENZHEN SUNGANG SUB -BRANCH)
SWIFT: CMBCCNBSXXX
ADD: No 828 international trade bldg , baoanbei road louohu
shenzhen china.
ACCOUNT NO: 6225
8878 3037 9612
NAME: LIANG MING DE
Best regards
En conclusión,
los métodos de ingeniería social utilizados en este tipo de estafas no
evolucionan, se sigue utilizando el timo nigeriano sin cuidar en exceso las
formas de los mails y basándose en el SPAM (en este caso via linkedin) para
captar víctimas potenciales. Pero es que no necesitan invertir más esfuerzos en
este tipo de campañas. Para los estafadores, una inversión mínima es suficiente, de manera
que con que 1 única víctima pique (y pican...) ya obtienen
un excelente retorno de la inversión.
No hay comentarios:
Publicar un comentario