Too Good to Be True! The Reality Behind Online Lotteries
27 Jan 2012
Everyone likes the idea of easy money, and email inboxes regularly get clogged up with notifications of big lottery wins. This spam template rarely varies – users are informed that they have won a huge sum of money in a lottery, and in order to receive their winnings they have to pay some minor expenses. Sounds tempting, but alas, this is nothing more than network fraud.
In her article ‘Congratulations, you’ve won! The reality behind online lotteries’, Kaspersky Lab Spam Analyst Maria Rubinstein sheds light on the typical scams employed by fraudsters as well as some useful tips on how to tell the difference between a fraudulent lottery message and a genuine notification.
In a typical online lottery scam, the recipient is asked to send a fee – anything from a few hundred to several thousand dollars – to speed the delivery of the winnings. This is ostensibly to meet expenses like money transfer commission, taxes, fees for opening a bank account, etc. The “lucky winner” often sees this money as being insignificant in comparison to the sum they’ve just won. However, once that “fee” is paid, the fraudsters disappear, and the unwary user has little chance of ever finding them.
There are a number of telltale signs that give away fraudulent lottery notifications:
- if you don’t buy a ticket, you won’t win a prize. If the message is about a lottery you didn’t participate in, it’s fake;
- not being addressed by your name. If a prize draw has actually taken place and the recipient has actually participated in the lottery, they will be addressed by their name (or the number of the lottery ticket);
- the notification is sent from a public mail server such as gmail.com, hotmail.com or yahoo.com;
- poor spelling or grammar in the notification letter. Such messages are usually generated by machine translation;
- the recipient is asked to reply to an email address that is different from the sender’s address, e.g. to the ddress of an “agent” or “manager”.
To be absolutely certain if a notification is genuine, search engines can be used to check the information in an email such as the lottery and sender’s name and any telephone numbers. Detailed information will most probably appear among the search results.
“According to Kaspersky Lab’s statistics, fake lottery notifications account for up to 3% of all spam, which translates into thousands of emails per month. To avoid falling victim to the fraudsters, all you need to do is follow some simple rules. And most importantly, always remember: there is no such thing as a free lunch!” concludes the author of the article, Maria Rubinstein.
The full version of the article is available at: www.securelist.com.