Email to Friend Feature Exploited by 419 Spammers

Security researcher Graham Cluley reports he received a spam message that was a rather bizarre twist on the old 419 scam, using a website’s “share with a friend” feature as its distribution method.

The scam, named after the section that covers it in the Nigerian criminal code, is one almost everyone has received. Usually it's from some frantic member of an obscure country's government or royal family, or, sometimes, a lawyer. The message explains they are dying/exiled/representing the estate of a long-lost relative, and want you to help them get their fortune out of the country or want to give you a multimillion-dollar inheritance. In return for your help, you get to keep a nice chunk of it for yourself. The catch? If you accept their request for help or your inheritance, you'll soon start getting emails explaining they need money to pay taxes, transfer fees, bribes, etc. The more you send, the more emails arrive explaining the need for more money. Tell them no or that you can't pay, and they (and your "inheritance") will vanish.

In this new twist, the spammer used the share feature on the Daily Mail's website to send an email to the researcher. The email contained the scam, nestled inside a link to and summary of the article they chose to share, in this case a nearly 10-year-old article announcing the sitcom Friends was going off the air. Presumably the scammers figured this method would be a great way to mask their message so it wouldn't get caught in a spam filter. It seems rather tedious though, unless they've created a bot that can do it for them, but perhaps they have, out of sheer desperation.


Written by Sue Walsh

1 Comment

  1. Jordan Newton · November 30, 2012

    Waah! That's a whole lot of spammers! But I think these are what you call "harmless spamming," as the stories are practically absurd. Only someone who doesn't have a lot of experience with e-mail or is so vulnerable can fall into that trap. A royalty? Hell no! I even doubt if real royalties sent the mails themselves. A million dollars just to get a trust? But I have to hand it to the spammers for being so creative and ingenious. Tapping that feature means less time and effort for them. They definitely know what the Pareto principle is or the process of becoming more efficient.
