419ers are still very much in business. For those of you who don’t know, 419 is a Nigerian slang for what social engineers and fraudsters do. So 419er is synonymous with fraudster. 419 is also know as advanced fee fraud. The typical ones operate on phone. They often get your contact from a phone they stole and then they pretend to be that person or your estranged friend/relative in a foreign land. They could also approach you and try to seduce you into a very lucrative endeavor on the phone. There are a lot of other schemes that they use. The more sophisticated 419ers use the internet to scam their unsuspecting victims. I have always wanted to have an encounter with them. Recently I had an encounter with one of them.

On a beautiful Wednesday morning (25th January, 2012), I received this carefully drafted email from the address of a senior colleague of mine.

How you doing I am writing this letter for you to know the situation of things right now am in Spain, and i have a little problem at hand and you are the only one that can help me, i promise i will pay back as soon as i get back home.Please i want you to lend me 1000 Euros i really need it to sort out things here.Please i want you to send me the money through western union money transfer.Here is the details to send me the money.

Receivers Name: Musa Chukwu Jonathan (not real name)
Address: Paseo De la Castellana, 220
Zip Code: 28046
City: Madrid
Country: Spain

Please as soon as you are done with the transfer please email me the Money Transfer Control Number (MTCN) or please just scan the receipt give to you by western union.Please i will be waiting for your help.

God bless you
Musa Chukwu Jonathan (not real name)

After reading this mail, I smiled and ignored it. I did so because

  • I don’t have 1,000 Euros 😦
  • if this guy was stranded in Spain or anywhere else for that matter, we hadn’t established the kind of relationship to make him believe I will send the money
  • I knew this guy wasn’t in Spain

Later that night, the real guy finally got to discover that he had been hacked. He apologized and changed his email account password and other accounts that might had been comprised.

What an unfortunate incident for a nice guy like him! But really, the truth is that it could have been you. Yes you. It could have been me either or any other random person with an email address. Identity theft is one of the oldest and popular methods used by fraudsters. It is also relatively easier when compared with other modern sophisticated means that might involve serious black-hat hacking.

Even though you can’t really protect yourself 100% from these attacks, you can reduce the chances of being a victim. Some of the precautions you could take include

  • Change your password frequently.
  • Don’t ever give anybody your password. If you do, then change it as soon as you can later.
  • Have an easy to remember but strong password i.e. one containing symbols, uppercase and lowercase characters. Obviously “g|a$S3s” is definitely harder to crack than “glasses” even though they look similiar.
  • Don’t use a password for every account you own.
  • Don’t paste your password on the sticky notes on your computer. This is like locking your house with the padlock and then leaving the key on the doorbell.
  • Use the “remember password” feature on your browsers less often.

Finally, there are already lots of articles, websites and books about personal computer security so don’t forget to bookmark those sites for some other security tips.