No, you haven't won a free grand piano — it's a phishing scam
Don't pay for shipping for things you didn't order
A new variant of the famed “Nigerian prince” email scam is making rounds, and judging by the information uncovered so far, it’s quite successful.
For those unaware, the “Nigerian prince” email scam is almost as old as email itself. In it, a scammer will impersonate a Nigerian royalty (or similar) and will claim that for whatever reason, they need to pull their funds out of the country and flee. However, since sending money anywhere familiar will raise suspicion, the fraudster picked a person at random. Once the withdrawal is successful and the prince is out of the country, the victim should return the funds and claim a prize.
There are countless variants of this type of fraud, but this particular instance, spotted by Proofpoint, the fraudster claims to be giving away a grand piano (they can be quite expensive, especially if they’re older and/or a rarity). They are giving away the instrument due to unforeseen circumstances such as the death of a family member. The only thing the victim should do is pay for the shipping.
Hundreds of thousands of dollars
Obviously, once the victim pays, they never hear from the piano owners again.
They can make the payment via different platforms, from PayPal to Bitcoin. Proofpoint found one Bitcoin address possibly linked to the campaign and found $900,000 sitting in the wallet.
While this might mean that the campaign is super successful, it is also worth mentioning that the volume of the transactions is quite large, and that the transaction prices differ. It could be that a larger group is running multiple scams at the same time, and are all pooling the funds into the same account.
In any case, there were more than 125,000 piano scam emails sent since January this year.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Ironically enough, Proofpoint managed to pinpoint the IP address of one of the fraudsters and it seems that they’re based in - Nigeria.
More from TechRadar Pro
- Thousands of fake cryptocurrency sites trap users in fake reward schemes
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.