email phishing scams

Top Nigerian scammer behind the popular scams, only known as "Mike" was recently apprehended in Port-Harcourt by INTERPOL and the Nigerian security agency. The team is said to have scammed people globally, and their scam is worth $60m.

               

Mike is the leader of the fraudulent team, and their operations involve using malware to compromise email and also romance scams. According to INTERPOL, "In one case, a target was conned into paying out $15.4 m"

Mike also runs a money laundering service in US, Europe and China;

The network compromised email accounts of small to medium-sized businesses around the world including in Australia, Canada, India, Malaysia, Romania, South Africa, Thailand and the United States.

Then Mike and his team would send email to buyers on how to make payments to account under their control.

The suspect and accomplice involved in the scam will face charges including hacking, conspiracy and obtaining money under false pretences.

At the moment of writing, the men are out of jail after meeting their bail requirement.

Categories:

It's the era of 2-way verification code to protect users from hackers getting into their account. Email services like Gmail and Yahoo have adopted this method of login to protect email users. 

But cybercriminals might have devised a method to bypass this method and get into users email account, just by knowing their email account and phone number. This type of social engineering will trick you into giving your account to the wrong hand. The hacker does not need a coding skill or any special technical skill.

             

This phishing scam can affect gmail, outlook or yahoo email services since they all use the same method for both login or password recovery. The phishing scam is labelled password recovery scam.

The Password Recovery Scam

The user logs into the email service and click on forget password just like you would do if you "forget my password". Though there are several methods for recovery, but the attacker will select the SMS method, allowing your email service provider send you a code via SMS. 

When the soon-would-be-victim get an unexpected text message from their email provider, it is time for the next step for the hacker. He will send the victim another text in this format.

   This is Google. There has been unauthorized activity on your account. Please reply with your verification code.

             

Please note that the statement above can be in any format, don't expect same format. The attacker sends the message from his own phone, pretending to be the email provider. 

If you don't know and reply the hacker with your verification code, the hacker can change your password immediately and have a complete control of your account.

How To Avoid Password Recovery Scam

1. Ignore all unsolicited messages, report the number to the police.

2. Email services never needs you to send your code, they send you the code, why ask you again. Be Smart

Watch Video to learn more: