I’ve Got 10 Kilos Of GOLD I Want To Share With You!

image My Australian friend Rod, a security developer executive, regularly forwards copies of scam emails that his company detects, through their various Internet  resources.

I’m very appreciative that Rod takes the time to do this, since it keeps me in the loop at the company level on email scams and malware threats. And,  it gives me a chance to LMAO – some of these emails are outrageously funny.

Every get one of those emails? Sure you have. In fact, you probably get a lot of emails similar to the one below, recently forwarded by Rod – this one is particularly ridiculous. But, that’s the point in using it as an illustrative example.

Anyone with an email address is bound to be bombarded with this type of scam email (including the misspellings, lack of punctuation, incorrect grammatical usage, etc.).

How are you doing sir/madam? My name is Mr. Twum a 25 year old man, please dont be surprise i got your email from yahoo. i have 10kilogram of AU RAW GOLD, i got this Gold as a beneficiary from my parent as their only son . i dont know much about Gold so i am here looking for someone who can lecture me on how i can sell the Gold and how much it worth at the market.

please note that i have all legal documentation from my late dad before he passed away and on one of the documents, It is said the specification of the gold is,

QUALITY : 22+Carat with a minimum

PURITY : 96% Or Better

Origin : Ghana.

And i am ready to send sample to you to test and see if it is Gold as i can read clearly.

if you so interested. have a nice day and enjoy your day

hope to hear from you soon

Opening this type of email is definitely not recommended (despite the humor), since, at a minimum, opening one lets the spammers/scammers know that your email address is “live”. Generally not a good idea, since this virtually guarantees you will receive a lot more spam.

We’ re all pretty curious, and spammers/scammers, being experts at social engineering – “the act of manipulating people into performing actions or divulging confidential information, for the purpose of fraud, or computer system access”, rely on this to manipulate victims into opening this type of email.

While there may be some dispute as to whether “curiosity killed the cat”, there is no dispute as to the likely outcome of following the instructions contained in emails of this type because of curiosity.

For those who are swept away by an overriding curiosity  – go ahead and click and then follow the instructions. But before you do, make sure you have:

A current backup CD/DVD or other media containing your irreplaceable files – you’re going to need it.

Your original operating system install disk – you’ll need this too.

Your system and peripherals driver disks. Without these you’re going to spend hours on the Internet locating (if your lucky), drivers that were written specifically for your hardware and peripherals.

You can save yourself all this trouble, and heartache, just by one simple action, or more properly; by a single inaction. Don’t click!

Scam emails like this are designed, and crafted, to seek out financial information from you, or from your computer, that can be used to steal your money and your identity. As well, they can be designed to install various types of malware  that can have drastic consequences for your system’s stability.

You may well be curious when it comes to emails like this, but don’t let your curiosity override your common sense. Security experts argue (none too successfully it seems), that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly”, or opening the type of files that are clearly dangerous.

You may be lucky, and you may be able to recover control of your computer if your anti-malware applications are up to date, and the malware signature recognize the intruder as malware.

But I wouldn’t count on it. Often, anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.

It is beyond dispute that the Internet now fits the criteria of a world that is not just perceived to be, but is in fact, personally threatening to uninformed or casual Internet users. I could go on, but I think the message here is clear. Think carefully before you click.

Despite every warning under the sun, there are people who will open this type of email. And, in that group, there will be people who will respond. If you’re having trouble believing this – believe it. If this type of scam didn’t show results, we wouldn’t have to deal with them on a constant basis.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

14 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, internet scams, Online Safety, spam, Windows Tips and Tools

14 responses to “I’ve Got 10 Kilos Of GOLD I Want To Share With You!

  1. Hey Bill,

    Are you trying to tell me that he really doesn’t have Gold to send you?

    😛

    I never got the gold emails, I always get the grandmother emails that want to entrust me with millions.

    TeX

    • Hey TeX,

      I hate to disappoint (and I know how you feel), but no – there ain’t no Gold in them thar emails 🙂

      BTW, if you can spare a few bucks from all those millions, I’m into taking contributions.

      Best,

      Bill

  2. Ahmed Helmy

    Hello Bill,,
    how is it possible to get infected by just reading the email? even if ididnot download the attachment file?

    • Good question Ahmed,

      It’s quite possible to become infected just by viewing an email. Any email that contains html elements can contain additional malware code; particularly emails that contain images. You’ll notice that often, a spam email will contain instructions to “click here”, if you can’t see the image.

      The preview panel in an onboard email client, can be enough to trigger malware without the user taking ANY action. This is one reason why I won’t have such a program on my machines. Strange as it may seem, Webmail can actually be safer.

      You and I, as experienced users, are aware of the fundamentals – most average users unfortunately, are not.

      Bill

  3. Liam O' Moulain

    As usual Bill, a very thoughtful article.

    Thanks for this.

    Liam

  4. Bill,
    Excellent article that brings home the best practice of not opening mail that looks suspicious. I appreciate your continual efforts to educate the masses on these important points.
    Best,
    Paul

  5. Ranjan

    Hey Bill,
    As always, an informative article.. Thanks for keeping us aware of the different varieties of spam out there…
    Couple of questions pls..
    1.How could the spammers know if we’ve opened their mail or not..? Is it similar to the ‘Read receipt’ feature used in forums which is all about the script thingy?
    2. Can i upgrade from KIS 11.0.0.232 to KIS 11.0.1.400 without uninstalling the earlier i.e. over-writing the previous installation with the new one? Is it a good idea? Sorry for the off-topic..

    • Hey Ranjan,

      Yes it is, although there is some dispute in the tech community as to the effectiveness. I’ll err on the side of caution on this one, though. As well, if the recipient clicks on “show image”, a copy of the image is then requested from the server, and that action confirms the email has been opened.

      I don’t use, nor have I tested Kaspersky, but it seems to me, if a deletion of a previous install is required, this would be handled automatically by the new installer. This is pretty typical I think.

      Bill

  6. Mal

    Hey Bill,

    That sure is a funny one you showed as an example today. It looks like it was written by a 5 year old. I’m with you on no email clients too. All that crap can stay on the web, not my machine.

    Cheers

    • Hey Mal,

      For sure. Some days I just ROFL.

      Lots of good things are coming out of Australia these day – including your comments, of course. 🙂

      Have a great week.

      Best,

      Bill

  7. Siam

    One option for Gmail users who are curious is to use the Gmail Labs extension “Message Sneak Peek”, which allows you to “Peek into a conversation without opening it by right-clicking on a message in your inbox”. I am guilty of using this to have the occasional giggle at this type of email. Having said that, I’m hoping you’re not going to tell me that I’m opening myself up for a malware attack! On another note, I have inadvertently opened this type of spam when it’s gone into my inbox and I haven’t been awake enough to realise it. Fortunately there’s been no damage, but what I’m wondering, Bill, is: With these emails that can unleash malware, is Geswall sufficient to stop anything malicious getting through?

    • Hey Siam.

      I really understand – it’s hard not to take a peek since some of these emails are hilarious.

      On a more serious note – yes, GeSWall offers excellent protection. But as an astute user, I know that you’re aware, that there is no one perfect solution.

      Best,

      Bill