The Nigerian fake inheritance scam scheme used by cyber criminals years ago via email, it appeared again in 2022 through messages in Telegram. The deception seeks that the victims voluntarily deliver sensitive data that may violate their financial security.
As reported by the cybersecurity company, ESET Latin America, this scheme consists of making users believe that they were randomly contacted with mass messagesthat an important person from Nigeria was looking for a person to leave his fortune to.
The story used by scammers may vary its details, but the background is the same in all cases: a person, unknown to users, contacts them to tell them that he wants to inherit money from them because he has a terminal illness and that, for what can be see their profiles on social networksthe victims are trustworthy people whom you want to benefit.
However, all this information is false. The ESET report indicates that, even if an area code belonging to an African country is used, photos that increase the credibility of the situation are sent or even video callsthis is a scam that seeks to steal money from victims.
What happens, in the event that users agree to continue with the supposed delivery of the “inheritance”, is that the person who contacts them shares a phone number that belongs to a supposed lawyer whom they must contact to coordinate details of the delivery of money.
At that moment, the fake lawyer shares a form with the data that is needed to be able to deliver the money, although additionally the payment of a “tax” is requested so that the shipment is made effective. In case the victims make this payment, the cybercriminals will keep the people’s money and they will not receive anything.
Alerts in messages
One of the most common cyber attacks is phishingis characterized as a threat that supplants the name or appearance of a reliable company to deceive their victims. Their goal is to get them to click on malicious links so they can steal your credentials. Usually these scams are sent via email.
According to Kaspersky, if an email asks to perform an action such as going to a link or downloading an attachment, claiming to be important with a “personal request from the CEO” or something that “must be paid in the next few hours”, it is safest to let it be one trap.
Links should not be opened email direct you to external sites that request personal information; nor download or open files that are executable (such as .exe), nor perform actions related to Money transfers.
It can also be checked from the header of the note if it is a malicious mailbecause the address must match the sender, for example, if it says that it is an urgent email from Google, then the email should be “@google.com” and not “@donitas.com” or any other.
: