]]>419 scammers normally send unsolicited scam emails from free email accounts such as hotmail, yahoo, myway, etc. However, we came across a special case where a Nigerian scammer sends out mails from an email account belonging to a victim, to several friends and relatives.

Based on our understanding, the scam consists of 2 parts, firstly a phishing method, followed by the usually “money transfer”, but with a different twist.

Firstly, the Nigerians uses “phishing” scam to obtain the email account information of a victim. Its just like those phishing emails we see often, except that this phishing scam is targeted at hacking the victim’s free email account, and in this case its a hotmail account.

Once the scammers got hold of the email account of the victim, they will send out emails to the addresses of those people known to the victim requesting for money due to distress. This is where the fake money transfer story comes in, i.e. the “victim” writing to his sister asking for help to transfer some cash over due to lost wallet/tickets, etc. Thinking that the “victim” really was in distress, some of his/her friends will send the money over, but to the scammer.

The victim could be kept in the dark unless someone he knows receives the mail and call to check it out – which is exactly what the person did in this news story. <Edit>Another point to note is that the eventual victim(s) in this particular case are those who send the money over, and not the person whose email account was hacked (thanks for pointing out)</End Edit>. There are other comments in the news article, please take a look.