I guess this is Classic Phish Month, and today we sure have a real classic amongst us. I was going to talk about another, lesser phishing email, but when I found this morning a Nigerian Prince-class email waiting in my mailbox, I knew I that it was the one.
![[A Picture of our Nigerian Phisher, caught Red Handed]](/images/2023/NigerianPhisher.jpg)
OK, this may not be royalty, and I did not check if it really originates in Nigeria or just pretends to be. Let’s keep my hopes up and say it hails from the home of the 419 Scam. Like in the last post, last post, this is a classic advance fee fraud, or “I have free money for you but you need to provide me some info so I can steal your identity and/or bank account in the process” kind of email. Different from the aspiring phisher from last post, this one not only stuck to the basics but also honored the phishing forefathers. I am just posting the text version as it uses no graphics; it needs none:
From: Dr Samuel Ogboku. <yachay@yachay.pe> Reply-To: <drsamuelogboku55@gmail.com> Date: Fri, Jul 21, 2023 at 4:21 AM Subject: Re: Don't Ignore This Important Notification From Niger Delta Development Commission (NDDC). To: Clueless Phish Dr Samuel Ogboku (Chairman/CEO) Niger Delta Development Commission(NDDC) Port Harcourt, Rivers State www.nddc.gov.ng Attention, It is of pleasure contacting you via email. I came across your contact via the World Trade Center (W.T.C.) African Regional office, without disclosure of my intentions which is personal. As an authority here in Niger Delta Development Commission, I noticed three executed contracts which have not been paid for and the contractors who executed these contracts could not be traced or reached till this moment.Upon my resumption in the office, I called for internal auditing after hand over, I realized so many financial lapses involving huge contract sum amounting to Forty Million , Six Hundred and Fourteen Thousand United States of America Dollars (US$40,614,000 Million), Twenty One Million United States of America Dollars (UDS$21 Million ) and Ten Million, Five Hundred Thousand (US$10,500,000) respectively. I further investigated to find out that these funds were products of over invoicing from contractors / companies whom actually and genuinely were awarded contracts respectively and they executed the jobs and were duly paid with Job completion certificates issued ,but my predecessors could not move the left over funds due to unexpected call for their resignation/removal from the office ( WRONG TIMING). Since their resignation,Some of them have secretly and personally approached me to cover these transactions for them by not disclosing to anyone or leave it in the NDDC accounts/ records in order not to implicate them, rather , i should protect their image and secure these funds for me and my cabinets as these funds have been there and cannot be declared to the Government , if disclosed, some higher authorities will find ways to claim it. I have recently discussed and agreed with the Executive Project Director, Chief Accountant and Financial Director to secure and move this fund outside However, we further noticed that the companies used in securing these funds respectively were neither incorporated as a legal entity with the Corporate Affairs Commission nor registered with Niger Delta Development Commission as contractors, making it difficult to neither function in business nor authorize for contract payment. I am fully aware of the activities of some unscrupulous people that are currently going on in our world today which you must have been fully acquainted with unpleasant stories, especially this part. But the truth also remains that the world has not been totally invaded by this group of people hence, people can still do businesses together all over the world and further establish healthier personal and business relationships. Having explained this, I seek your consent to partner with us and secure this fund in your name or company's name. All documents shall be legally provided to suit the purpose . As the Chairman /CEO of Niger Delta Development Commission(NDDC), I cannot risk or gamble with my position. There is no risk whatsoever attached. We will award you with 15% of any secured funds with you and our shares shall also be invested with you in your country pending when our tenure in the office will elapse. Kindly get back to me with your Full name and telephone / mobile number for more details if agreed to work with us.Also, I guarantee that this will be executed under legitimate arrangements that will protect you from any breach of the law. Thank you. Yours faithfully, Dr Samuel Ogboku.
What makes this phishing email majestic
-
Take my word: you have to read through it to appreciate it. This is not a half-hearted phishing email like the mediocrity we have been receiving; this is the kind of well-crafted con we deserve to receive. It does not insult our intelligence but entertains it.
-
Chairman /CEO of Niger Delta Development Commission(NDDC)! This is proper Nigerian Scam. The only thing that could trump this was if it claimed to be from Nigerian Royalty. Yes, that is as close at this email is from the absolute apex in the phishing pantheon. This is the kind of email you only hear about. Remember where you were when you read it.
-
The second paragraph is there to set the bait (hence phishing), but when it gets to “huge contract sum amounting to Forty Million , Six Hundred and Fourteen Thousand United States of America Dollars”, you know this email delivers! I am sorry; I have no words. I am giggling here.
-
Contrary to lesser phishing emails, this one does not scream at you or pressure you too hard. There is no terrible grammar here. It massages you back by slowly working its con onto your skin as if it was scented oil. It appeals to your greed, but just with the right pressure.
-
The
Subject:line starts withRe:as this is an old trick to make the lesser (i.e. most of them) spam filtering tools to think “oh, this is a reply to an already running conversation; I better let it pass!” It still works. -
The trademark of phishing emails, “kindly” is there. But this word is only to identify the garden-variety phisher, not someone who crafts this work of beauty.
So, savor this email. This is why I look down on so many phishing emails. When you experience this, you realize comparing this with the normal mediocricity that floods our mailboxes is like comparing between have clothes custom made by an European tailor with decades of experience and something bought at Wal Mart.