homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Visit PubCon.com
Home / Forums Index / WebmasterWorld / Ecommerce
Forum Library, Charter, Moderators: buckworks

Ecommerce Forum

A new form of a Nigerian Scam!
These scammers are getting a bit better, so I figured I would share this.

 5:55 pm on Mar 9, 2009 (gmt 0)

This is the newest and latest level of how they try to fool your sales people. They send an email to you, inquiring about purchasing a product, on the bottom of the email, they put their contact information and actually ask you to make a telephone call to them. Example:

Mr. Iam An Example
123 Main Street
Somewhere, Ohio 00000
Telephone number (614) 000-0000

Now, to the eye this might look normal if you read the email, if you cross check the area code of the telephone number it shows that it is in Somewhere, Ohio. Check the address and it is an apartment complex. Better yet, you call the telephone number, guess what it rings and someone answers via a telephone forwarding service that reroutes the call overseas.

Now, I personally made the call and fortunately, heard some extra clicks and dials of the phone forwarding system that the scammer used, then talked to a guy with a real heavy accent. Something did not feel right at that point, so I checked the IP address on the email and bam, it was from Nigeria.

These scammers are getting better all the time. We have contemplated banning all IP addresses that come from Africa, but we know eventually they will get around this by using proxies or by using the internet from another country.

Just thought I would share this so you can inform your own people to look out for this. I now warned my employees about this new form of a scam, because some of them might not have caught this themselves and actually taken an order, charged a credit card and shipped product which would have been a bad situation.



 6:13 pm on Mar 9, 2009 (gmt 0)

Thanks for the heads up! We usually look at the IP address for any orders that have other red flags. But will now add IP checking to the initial red flag detection.


 5:32 am on Mar 10, 2009 (gmt 0)

Thank you for the heads up as well! No doubt a new way to scam us all! When are the credit card processors going to take some form of responsibility for all the fraud?

Trinorth you would be wise to implement the country block via CSF/LFD (if unix based server). That firewall setup has single handedly removed 99% of fraud from our servers originating in countries we do not want business obviously.

[edited by: MLHmptn at 5:40 am (utc) on Mar. 10, 2009]


 12:37 pm on Mar 10, 2009 (gmt 0)

IP checking on email is a good step, MLHmptn, we are taking your advice on country blocking. Thanks for the tip.


 3:05 pm on Mar 10, 2009 (gmt 0)

IP Checking is a must these days. I highly recommend using Maxmind for online payment verifications.... it checks ip, address as well as the email address.

Personally I have blocked almost all of africa from even viewing our site. We dont list an email address, but they have to contact us through a form which also snags their ip and checks it so that our sales people do not waste their time.


 4:48 pm on Mar 10, 2009 (gmt 0)

These scammers are getting better all the time.

Mostly they still just use the old Spanish prisoner scam from 100 years ago and advance fee deals that have been around forever. It would be interesting to see new, more clever variations. As tough times hit Europe, Asia and the West, we surely will!

Firms using inexperienced employees to fill orders should have supervisors sign off on large orders. Most people on this group have never come close to falling for these scams.

It isn't a brilliant scam when only one or two people in 10 million falls for it. These are more like bank burglaries where the crook finds the door open at night and the safe accidentally left unlocked (that does happen, by the way)


 12:35 pm on Mar 11, 2009 (gmt 0)

I have noticed that the typical scam emails "I want to order your products do you take credit cards" have become more focused, especially the ones from Australia. These now mention actual products on my site as well as products just in my niche.


 1:26 pm on Mar 11, 2009 (gmt 0)

With us it is still no mention of the actual products .. just "do you have a website" & "do you accept credit card for payment".

After playing along with a couple of these scams in the last 6 months, it turns out that they are not interested in stealing the products at all. They want you to forward the shipping payment to "their shipper" by Western Union and tack on the shipping charges on a stolen credit card. So they are cutting corners and trying to get right to the cash ASAP. They quickly give you the email address of "their shipper" who will have an address like billybobsshipping @ free email.com .

[edited by: Rugles at 1:27 pm (utc) on Mar. 11, 2009]


 1:41 pm on Mar 11, 2009 (gmt 0)

"I want buy your products.
I need large amount by air express.
Email and tell me what you sell"

About as sophisticated as pounding an old lady over the head with a sledge hammer and taking her coin purse!

Sadly, we're seeing the return of a far worse problem in our b/m business... bad checks. They had become almost extinct in the past decade. The financial loss isn't huge, but check fraud is very time consuming.


 2:55 pm on Mar 11, 2009 (gmt 0)

As unsophisticated as it seems, they must have enough success to keep it going.

Go figure,


 3:15 pm on Mar 11, 2009 (gmt 0)

The amount of work they are doing they could put into a real job. That's the part I don't get.


 4:06 pm on Mar 11, 2009 (gmt 0)

Have you ever seen a site that sells EXCLUSIVELY to Nigerians?

Just found a U.S. located site that sells bridal dresses for export to Nigeria. There's no phone or address shown although the domain is registered to a Nigerian name in Ohio. Would anyone buy expensive dresses for a wedding without even phoning the seller?

Very odd that all the dresses are the same retail price. Google shows almost no incoming links. They go into some detail about their secure shipping methods which use USPS into Nigeria.

To get pricing info or to buy, a shopper has to register his email address first.

Look up "omooba" in G. Seems scammy, or very inept at best.


 7:30 pm on Mar 11, 2009 (gmt 0)

RE: IP address checking: we do it also, but I don't rely on it too much. I'm pretty sure scammers will figure out proxies and ways to make this look legit pretty soon. Unfortunately, they're smart.


 7:36 pm on Mar 11, 2009 (gmt 0)

fortunately, heard some extra clicks and dials of the phone forwarding system that the scammer used

Just a FYI, I can get a telephone number in any of 180 countries and have it forwarded to a Nigerian phone without the clicks and dials you spotted. So don't rely on lack of clicks and dials as being an indicator that it's a local call.

The IP detection part is critical these days. I also use Maxmind which works very well (and it's cheap).


 8:10 pm on Mar 11, 2009 (gmt 0)

How can you IP check on emails.

I use maxmind, works great


 8:41 pm on Mar 11, 2009 (gmt 0)

Jsinger, are you suggesting that my fiance is not going to get her wedding dress that she paid for? ;-0


 8:44 pm on Mar 11, 2009 (gmt 0)

How can you IP check on emails.

It depends on the program you are using for your emails.

But you want to look at the Headers for the email. Then locate the Origonating IP address within the headers. Even if they are using Yahoo or Hotmail, it will still display the IP address they were using when they sent the email.


 9:53 pm on Mar 11, 2009 (gmt 0)

Rugles, what do you make of that site?

I may register with a disposable email address to see what pops into my inbox.

If I need to provide a Nigerian bio, I have lots of them in my trash file. Should I be the daughter of the late oil minister or the widow of the deposed leader of Ghana who was later done in by esophageal cancer?


 2:31 pm on Mar 12, 2009 (gmt 0)

I can not figure out the scam either. It seems to be targeted at Nigerian immigrants. But surely they are hipper to the scammers than anybody else.

If you have some time to kill, might be worth figuring out the scam. It might be the start of a new type of fraud.


 8:00 am on Mar 13, 2009 (gmt 0)

I see comments on one of my sites asking "How much would it cost me for 8 of these? let me know at etc." on pages where I've discussed a product but theres nothing for sale.


 12:47 pm on Mar 14, 2009 (gmt 0)

Hmm, may be the group is trying to make an eccomerce site that targets americans, but they screwed it up due to the language barrier?

thorsten iceland

 9:03 pm on Mar 16, 2009 (gmt 0)

Rugles wrote:
I can not figure out the scam either. It seems to be targeted at Nigerian immigrants.

My best guess is that if this is a scam site, its intended target is merchant processors (online retailers, IPSPs, etc.)

Increasingly carder rings, (or buyers of stolen credit cards) will want to create a front business (i.e. a sham website) pretending to ship tangible goods (which don't exist) in order to fool inexperienced providers of merchant account services into giving them an account.

Then they run their stolen cards and hope that the money will be wired to them before the provider of the merchant account figures it out.

So in this case, perhaps this business website has been designed to explain why the IP addresses are from Nigeria for orders placed using US credit cards.

And yes, there are enough providers out there who either have such poor risk management, or just simply don't care, that they accept these kinds of 'businesses'.

Nice find jsinger.


 9:30 pm on Mar 16, 2009 (gmt 0)

Just a FYI, I can get a telephone number in any of 180 countries and have it forwarded to a Nigerian phone without the clicks and dials you spotted. So don't rely on lack of clicks and dials as being an indicator that it's a local call.

Google may have made it a bit easier for scammers to hide their location with Google Voice... I can see that service appealing to those with heavy travel schedules, the tech savvy, and scammers who wish to hide their location. Heck, maybe 7 scammers can get together and have one G Voice account forward to each of them.

Legit businesses vs. international scam artists, round 2!

Global Options:
 top home search open messages active posts  

Home / Forums Index / WebmasterWorld / Ecommerce
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved