419 scammers using NYTimes.com 'email this feature'

Summary:What do Burkina Faso and the New York Times have in common? As of recently, a peak of 419 scams promising you the Moon and asking you for advance-fees via emails sent through the NYTimes.

What do Burkina Faso and the New York Times have in common? As of recently, a peak of 419 scams promising you the Moon and asking you for advance-fees via emails sent through the NYTimes.com's 'email this feature' in order to successfully bypass anti-spam filters.

The tactic applied by 419 con artists aiming to abuse the clean IP reputation of NYTimes.com's email servers has been persistently diversifying the themes and user names of registered users during the last couple of months. Interestingly, upon interacting with the scammers, all campaigns seem to be operated by the same gang using the ONATEL ISP based in Burkina Faso.

Here's how the scheme works:

Their business model is in fact a primitive version of the scareware business model relying on affiliates to drive traffic and infect people.

In this particular campaign, Alizeta Ouedraogo acts as an affiliate which is spamming and interacting with the potential victims, where once they fall into her scenario she'd basically redirect them to a third-party and insist that you use "DONATION FROM MRS.ALIZETA OUEDRAOGO" as a subject of your email so that she/he can later on have a claim on the money obtained :

"If you agree with me in respecting my last wishes as listed in this message,then you go ahead and contact my attorney through his email and phone: His name is  Hon.Sanfo A.Karim,his Email: sanfoabdulkarim@yahoo.fr phone: +22676578847. While contacting him use, (DONATION FROM MRS.ALIZETA OUEDRAOGO) as your subject,  this will enable him to know you purpose of communicating. I am looking forward to hearing from you again."

Needless to say that this is scam you should not interact with.

Topics: Collaboration, Security

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.