Romance Scams, the IRS, and Your Business

What happens on Facebook, probably won’t stay on Facebook. Facebook is the go-to site for hackers, spammers, and scammers. Here, they can find email addresses to spam, personal information that can be used to construct phishing emails, and a convenient place to put up a bogus site to give legitimacy to their romance scams. Some of these scams have begun to compromise corporations and US government agencies. Yes, that’s right. The US government has been victimized by romance scams; more on that later.

I wrote previously on romance scams (An Analysis of a Romance Scam Letter: Implications for Businesses ) and, from time to time, I have received comments and requests from women (they were all women) who were scammed or were wondering if they were being scammed. Because such communications have shown a sharp increase recently, I suspect that these scammers 1) are getting better, 2) have become more numerous, or 3) have, for some reason, ramped up their attacks. They seem to be getting better at disguising their scams and targeting their victims and, since almost all romance scammers who target women are from Nigeria, attacks have probably increased because the Nigerian economy is on the rocks. This may be the first time anyone has tied the increase in romance scams to the falling price of oil.

So let’s take a look at who these scammers target and how they find their victims. This may be important for companies or organizations who may want to identify employees who could be vulnerable to such attacks. Think of these scammers as a pack of wolves (which is not a bad analogy). Wolves are not going to target the strongest animals in a pack. They will look for weaknesses. Here is a list of ‘weaknesses’ that scammers look for. I put a point value next to each of them. This may seem politically incorrect but I am simply reflecting the mindset of a romance scammer. (I am referring to women here, but some of these may also apply to men.)

Over 40-years-old (+1, and an additional +1 for every five years thereafter)

Divorced/widowed (+1)

Handicapped or having a medical condition (+2)

Having a profile on a dating site (+2)

Having children (+1) Having young children <5-years-old (+2)

Being religious (+1)

Being from a racial or ethnic minority (+1)

Average or below physical attractiveness (+1)

Looking for marriage/soulmate/life partner (+1)

Being a nonnative English speaker (+1)

To a scammer, these are signs of being needy or desperate and they will exploit these to the fullest, matching their words to the victim’s needs.

A woman I know recently sent me a letter from a man who contacted her on Facebook. The letter was not as poorly designed as ones I had analyzed in the past, but it still contained nonnative English errors. However, since the woman was a nonnative English speaker, she may not have detected these errors. Here are a few of them which tipped me off that this was a scam.

“I spent some time of my life in turkey”

“And finally i moved to America where i live with my Daughter now” (Notice the inconsistencies in capitalization in both examples)

“I work as an Engineer in an oil shipping cargo.” (Huh? They are always engineers, unless they are in the military, and they all seem to work in the oil industry.)

“I lost my wife few years ago when she was shot by a stray bullet,when she was working for the united nation as a medical doctor in syria.” (Yeah, they all have had some tragedy, usually losing a wife or child. They have learned that women will sympathize with this and can be lured into the trap.)

“I enjoy painting which I do often at my leisure time. I like going to the movies, or watching movies in my room or Cabin, I like swimming, listening to music and dance to any kind of music. I am a family oriented person, love children” (They match their likes to the likes of the victim. This they learn from social media sites such as Facebook and dating profiles.)

“I even want to learn about the secrets you very rarely share with someone” (I put this here because it was this sentence that gave him away. It is part of a common template used by Nigerian scammers.)

The woman was sent to a Facebook site that displayed the picture of a Russian architect named Sergei Estrin. However, the name he had given her was, Douglas Emerson.

dug

Poor Sergei must have posted a lot of public photos of himself over the years as they are commonly used by scammers to con middle-aged and elderly women. You can see an array of them here. To show how ignorant these scammers are, they sometimes use pictures of well known people. I wrote before on how one woman was surprised to see that, poor, lonely, George Clooney was contacting her. Other women have been contacted by British Prime Minister, David Cameron or by Prince Harry, both of whom have sadly suffered a loss in their ability to use the English language.

The first time I looked at this particular scammer’s Facebook page, it was at the minimalist level – one photo and a few bits of information – a typical fake profile. He now appears to have attracted some victims and so has added several more photos. All of his potential victims are middle-aged, nonnative speakers who appear to be divorced or widowed with children (They would score 7-9 on the above rating system). He appears to have found them by using friends of friends and sending them all the same message via Facebook. Facebook allows you to send up to 150 messages at a time. Remember, a scammer only need to hook a few women to make some money. (I sent a report to Facebook to have the site removed. They responded the next day and said they had sent the owner of the site a notice to allow him to explain himself. The site temporarily disappeared but has since returned. Facebook said there was nothing wrong with the site. Well, I tried.)

It should be noted that the appearance of a scammer on Facebook indicates the flowering of a dating scam. The Facebook account is an attempt to legitimize the scammer as a real person (the person he claims to be). Sure, they can use this as a platform to troll for other victims, sending friends of their targets romantic letters, but they have usually done their main work elsewhere.

More often than not, these scams begin on dating sites. I have connected the scammer above to religion-based dating sites (Christian and Muslim). Notice the religious angle on his Skype page. Here, he appears as David Ray.

scammer skype

The scammer also apparently targets African-American dating sites. At least his letter appears on them, if not his photo. The letters will be fine-tuned to appeal to women on these sites. Of course, many different scammers may use the same letters as well as the same photos, so that does not prove one scammer is responsible for everything. However, you have to wonder how scammers can continue to make it on to dating sites at all? Surely, they must be easy to spot by now.

To be honest, most dating sites are scams in themselves. Even the best sites have been found to have at least 10% of their profiles as fake. Some free sites are almost entirely made up of fake profiles. How is this possible? Easy. You can buy dating profiles for your new dating site. It will cost you $8.00 for “10,000 genuine dating profiles with MULTIPLE PHOTOS”. You can even select the profiles of your daters. (Here is the ‘menu’ of profiles you can choose to have on your new site.)

dating profile menu

I know what you’re asking: Is this legal? Technically, yes. On most dating sites, buried in the terms and conditions, is the clause stating that your profile can be shared with other dating sites. What is particularly disturbing is that these profiles come with email addresses, location information, and other personal information, such as whether the person is divorced, has children, or is religious. They will also come with an array of interests and hobbies. By simply paying a small amount of money, a scammer could, theoretically, bypass dating sites entirely and work on scamming people listed in the purchased profiles.

But wait! There’s more! Anyone can set up their own dating site for free! Yes, that’s right. A number of companies will give you free templates and other support to start your own niche dating website. The catch is that you’ve got to give them a lot of information to register, such as your email address and Skype username. You’d also have to pay for some extra services. The fact that free dating site platforms exist explains the proliferation of niche dating sites, some of which border on the bizarre, such as a dating site for people who like zombies, have food allergies, or like to dress up as cartoon characters. (I only wish I was making this up.) But if you were a scammer, you could use your free website to target middle-aged, divorced women with kids. Your newly purchased profiles can then be used to get the appropriate women to come to you. Are Nigerian romance scammers actually doing this? I suspect they are, but it would be difficult to prove.

In the end, the scammers are in this for one thing, money. Eventually, the wonderful man you’ve been falling in love with will have an emergency of some sort and will ask for money. The excuse may even seem valid. Others seem bizarre, like the guy who had his ship hijacked by pirates and needed ransom money. They don’t care about the lives they ruin any more than wolves care about the deer they just killed. Many of the scammers are so proud of their work and so unconcerned about being caught that they even put photos of their financial conquests online, as can be seen below.

scammer with money

Scammers aren’t concerned about being caught because little has been done to prosecute them…until recently. As long as these scammers were wiping out the bank accounts of individual men and women, law enforcement agencies could brush them aside by blaming the victim for being naïve. However, in 2014, it was reported that Nigerian scammers were changing their tactics, employing off-the-shelf RATs (remote access Trojans) to take over individual computers and steal passwords and other personal data. They could install this malware through a traditional phishing attack by making a victim click on a link or attachment in an email. This is normally a hit and miss strategy. But what if the scammer already knew the victim through an online dating site? What if they had started communicating with the victim, had their email address, and then sent them a file which included the malware? Since the victim would know the scammer, the chances of the attachment actually being opened would increase dramatically. Once in control of the victim’s computer, they would also have access to any network that the victim had permission to access. In other words, they would have access to company information which could include large amounts of employee data that could subsequently be used to commit identity theft.

And that brings us to the IRS hack of last year that cost the government $50 million. The attackers got copies of past tax forms from the IRS website by being able to provide the necessary identification plus answer some personal questions about the victims. It was really more of a con job than a hack. If the attackers had already been romance scamming these victims and already knew a lot of their personal information, they would be able to pass the validation test. They could even ask a victim, in real time, to supply the necessary information to pass the authentication test if they wanted to.

The IRS initially blamed the attack on Russian hackers, and, who knows, the IRS may have been hacked by more than one group. However, in October of last year, it was reported that the hackers sent the money they stole (by getting refunds from the IRS) to around 5,000 US bank accounts. It now appears that these accounts may be associated with people scammed by Nigerian romance scammers. The scammers will often tell their victims that they need their help in transferring some money to Nigeria. They tell the victims that money would be sent to the victims’ bank accounts (often for some unspecified business deal) and they should, upon receiving the money, make a Western Union transfer of the money to Nigeria. So far, only one woman was linked to this Nigerian network and if there are more, the government isn’t talking.

Would it be possible for cyber thieves to use a network of romance scam victims as ‘money mules’? It should be no problem, especially if the romance scammers get paid for helping with these transfers. This may be just the tip of a huge cyber criminal iceberg. One thing is certain, however. The government will have to begin taking romance scams a whole lot more seriously.

 

About Steve Mierzejewski

Marketing consultant for InZero Systems, developer of the next generation in hardware-separated security, WorkPlay Technology. I've worked in Poland, Japan, Korea, China, and Afghanistan. I'm a writer, technical editor, and an educator. I also do some work as a test developer for Michigan State University.
This entry was posted in Uncategorized and tagged , , , , , , . Bookmark the permalink.

2 Responses to Romance Scams, the IRS, and Your Business

  1. Judith Schwartz says:

    Thanks for this article and I’m glad I found it to verify this was a scam. His photo is being used on OK Cupid, it said Roland Naomi and he told me his name was Roland Albert. He contacted me and can hardly write english and what man goes to bible study on Friday nights? Dead give away.

    Like

  2. Glad I could help. Make sure you block him on Facebook etc. I tried to get his profile removed but Facebook is useless.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s