At first blush it seems like a typical 419 (or Nigerian letter) scam - the standard e-mail directing the intended victim to do certain things that supposedly result in a huge payoff to the latter.
But there's one key difference: many such messages are now being sent to the personal contacts list of unsuspecting users whose Web e-mail accounts have been hacked.
- Products 22%
- Financial 19%
- Internet 18%
- Health 17%
- Scams 8%
- Fraud 6%
- Leisure 5%
- Adult 5%
Welcome to the 419 scam with a twist, documented by the July 2008 monthly 'The State of Spam' report put out by security company US-based Symantec.
Symantec's latest report cites an actual case to illustrate the modus operandi.
The user's Web mail account was hacked and the rogue 419 email was sent to his personal contacts.
"Friends and colleagues received the request for assistance and were urged to respond via e-mail only," the Symantec report says. "As the hacker took over the user's account, the real owner would not have known about the e-mail, if recipients fell for the scam."
To make the message appear more authentic, the account owner's auto-signature was appended at the end of the message.
In this particular case, the scam did not end there.
According to the Symantec report, after capturing the e-mail account, the hacker got the owner's online auction site password e-mailed to the account.
"The hacker then began bidding on a number of laptops being sold in the UK and instructed that the laptops be sent to Nigeria."
This scam was not isolated to one particular Web mail provider or organization, the report noted.
Bogus "account expiry notifications" are commonly used by cyber crooks to gain e-mail account information and then take over these accounts, the study suggests.
It urges users to be wary of such notifications and not "provide their account details unwittingly to a third party."