(Mar. 30, 2023) — “My Dear, a fortune is awaiting you … but it’s locked in an overseas account …”
Sound familiar? You likely have multiple versions of this email in your spam folder. As tempting as it is to think of easy money, the reality is that the Nigerian Prince is a scammer targeting you for money or personal information so they can steal your identity. Unfortunately, internet crimes—even ones with implausible, too-good-to-be-true stories like this—often work. In 2021, the Internet Crime Complaint Center (IC3) reported $6.9 billion in losses to cybercriminals.
Twingate compiled a list of nine common cybercrime characters encountered in criminal schemes through analysis of news reports and cybercrime statistics from the FBI, Federal Communications Commission, Federal Trade Commission, and other sources.
Cyberscammers continually adapt their schemes to evade law enforcement, with the latest scams leveraging “smishing” techniques—phishing for information through SMS/text messaging. In September 2022, RoboKiller estimated that the sheer volume of robotexts sent out is equivalent to every person in the U.S. receiving an average of 57 per day.
Another popular scam is the Business Email Compromise, in which criminals pretend they’re sending an email from a company account in order to fool an employee into thinking they’re colleagues. The victim then unwittingly transfers company funds to the criminal.
If you’ve been the victim of a cyberscam, report it to IC3. They’ll share the information with the proper authorities and alert the public. Read on to learn more about frequently encountered cybercrime personas.
The Nigerian Prince
When it comes to cyberscams, just about everyone’s been contacted by a Nigerian prince or someone similar recounting a fabulous story about a fortune that they can’t access—without your help, that is. If you just front them some money—or better yet, your bank account information—they’ll be able to get back their rightful fortune and share their windfall with you.
This type of scam is called an advance-fee scheme—you pay a “processing fee” up front and never get the delivered goods, loan, or credit. Legitimate businesses don’t guarantee funds up front and don’t ask for your personal information over email or text.
Ironically, in 2019 a real Nigerian prince named Osmond Eweka did scam hundreds of people looking for jobs. He agreed to a plea deal that kept him out of prison but cost him $50,000 in restitution.
The Federal Student Loan Administrator
President Biden barely finished announcing the government’s new initiative to cancel up to $20,000 in federal student loans before scammers ramped up efforts to bilk people out of money. With the Federal Student Loan Administrator scheme, these scammers leverage telemarketers, texts, and emails to contact people—even if they don’t have student loans—with promises of debt forgiveness if they act quickly.
The scam tries to get them to pay upfront for services (that may or may not exist) to reduce loan payments, discharge a student loan, or forgive a loan. It does so with scare tactics like saying the program window is closing, or it’s only for those who sign up right away. Scammers also try to phish for data, particularly looking for FSA ID usernames and passwords that can be used as legal signatures.
The Federal Trade Commission tells consumers to be careful of these scams because the federal student loan payment pause and the loan forgiveness programs are actually free of charge and no service can get you into them faster.
The Phishing Boss
Phishing scammers will use public information about a company to pose as your boss to try to get money or information. The email looks legitimate because the “from” line is your boss’s name, but the actual email address will often have a discreet typo in it.
The message itself usually asks for something urgently—paying an invoice, doing a wire transfer, or buying and sending them gift cards to pay for a company party, which of course you’ll get reimbursed for as a business expense. With all of these schemes, they need to be done ASAP, and your boss is “tied up in a meeting” so you can’t call them about it. If that sounds suspicious, it likely is, but many people are still fooled by them. The FBI’s Internet Crime Complaint Center found that these types of scams bilked people out of $2.4 billion in 2021.
The IRS Agent
The IRS Agent scam has been around for a long time, with scammers trying to get your personal or financial information over the phone or via email. Since fall 2020, this scam is more frequently perpetrated through text or SMS, also known as smishing.
One example text offers you tax relief due to a disaster. All you have to do is update your information and submit an application through the link provided. Sometimes you can find typos in the text that will be a red flag for fraud, but the easiest way to avoid being duped by this scam is to know that the IRS doesn’t ask for information verification through text or email. The IRS preferred method of communication is snail mail or a live phone call (not a recorded message).
The Vehicle Warranty Department Professional
Many people are on to the auto warranty scam—maybe because of the incessant robocalls they get. In 2021, nearly 13 billion scam calls tried to get people to purchase a service contract that costs a lot of money, but doesn’t provide much in the way of actual coverage. These scammers are crafty though because sometimes they know the actual make and model of your car, which makes the call seem more legitimate. In 2021 this scam topped the list of customer complaints with the FCC. It proved to be such a nuisance that in July 2022, the FCC announced a new campaign to block these types of robocalls.
The Phone Company Bill Collector
Of the nearly 88 billion spam texts sent in 2021, some of them look like they’re from your own phone number. In this scam, phishers pose as your cell phone company, and spoof—or disguise—the number they’re using to text. These scammers often offer a so-called reward as a thank-you for consistently paying your bill on time. But to get the reward, you’ve got to click on the link and share some information. The text may also indicate that you have to take advantage of the offer urgently because it’s only valid that day.
The Aid Worker
Scammers see global crises as opportunities to separate well-meaning people from their money. The war in Ukraine has spurred an increase in the amount of fraudulent solicitations for donations to support humanitarian aid efforts in Eastern Europe.
In this type of scheme, criminals play on people’s emotions and sympathy to support a worthy cause. They pose as an individual who needs immediate financial assistance or an organization that’s trying to raise money—except that there’s no actual humanitarian organization behind the email. If you don’t know the individual or charity that sent an email or text, don’t respond, open attachments, click on links, or give them money. If you want to support humanitarian efforts, first research the charity online to make sure it’s legitimate, or find verified charities on Charity Navigator.
The Tech Support Guy
Even if you’re tech-savvy, there’s a chance you could still get ripped off by the Tech Support Guy scheme. This scam manifests mainly through pop-up warnings or phone calls. The plan is to make you think there’s a virus on your computer or other suspicious activity, and if you click the link or call a phone number, you can get the virus resolved. This often results in paying unnecessary fees or allowing someone to access your computer remotely, which also gives the criminals access to all of your files.
Scammers have gotten sophisticated with this scheme, even using company logos to make their pop-ups look legit. However, legitimate tech companies won’t monitor your computer, which means they also won’t contact you or ask you to contact them about specific problems on your machine.
The Package Delivery Company
With the growth of online shopping and package delivery during the pandemic, delivery scams sprung up to trick people into giving money and information to nefarious characters. Variations of this scam happen through text, email, phone, and even fake “missed delivery” tags left on your door. They can ask you to click a link or call a number for more information.
Clicking a link in a text or email can result in malware being installed on your phone to capture your personal information. Scam calls can trick you into thinking you have to verify the credit card number you used on a purchase, which criminals can then exploit for their own purposes.
Thwart this scam by going back to your original purchase receipt and tracking packages through the retailer. Also know that major delivery companies like FedEx and UPS won’t send unsolicited communication seeking your personal payment information.