Fake Flash Player Wants To Go Mining

The Bank of “We Have No Idea What We’re Doing”

One can only assume the creators of this 419 scam attempt threw up their hands, cried YOLO and set about putting together the least visually convincing “This is a mail from a bank, honest” attempt I’ve seen in some time. I mean, you think banking fakeout, you think professional looking imagery. You think clean, sounds-like-a-bank wording. You think…

BoA 419 scam
Uh oh

 

…Comic Sans Italic font. Because if you’re going to send a fake banking email, this is exactly the way to do it.

Making fun of someone

“And you’re not getting a free pen, either!”

The mail opens as follows, claiming to be from Bank of America:

I am Mr. Williams S. Harrison, The Managing director of Bank Of America branch in Washington DC USA. It is our pleasure to seek your consent in an unclaimed funds deposit of US$15.500,000.00Million recently discovered in our bank which has been abandoned for over 28 years ago by a late foreign investor bearing the same surname with you, who died in the Collapsed New World Hotel, 1986 according to the official report of our findings.

The Hotel New World collapse was an actual disaster in Singapore, but you can bet that nobody responsible for the above email has done any “investigation” whatsoever, nor have they tracked you down to hand over the supposed huge amount of money. This is yet another attempt by scammers riding on the coat-tails of a real tragedy to turn a fast profit.

The mail asks for the usual assortment of personal information: name, account number, bank name, bank address, home address and phone number. In another move likely to have the creator reaching for the “I’ve made a huge mistake” gif,  they went and used a Yandex address for their supposedly official email, and ask that all details be sent there. Yandex mail is a free service, and that combined with the sender address referring to a Turkish webhost service should really throw up all the red flags. This isn’t so much Bank of America as it is Bank of We Have No Idea What We’re Doing.

The mail finishes its fast track descent into the recycle bin with:

Try your possible best to forward them / give a responds [sic] to our bank email...Once again please don't reply to this email that sent you message and try to forward your personal and banking details to the above email.

They sound (at best) faintly optimistic that you might just, you know, send them something. If you really wanted to.

This is not the sign of a scammer who really seems to have any real idea about their shenanigan-filled task at hand. Having said that, some people will respond to pretty much anything put in front of them at the first sign of “Free money = this direction”, so it’s definitely worth letting relatives know about this one.

Your bank will never:

  • Ask for login credentials
  • Send mails from free services
  • Request a list of personal information
  • Tell you they randomly found 15 million dollars with your name on it
  • Draft out their mail in comic sans
  • Deny you a free pen, they have tons of those things

Okay, mileage may vary on that last one but where everything else is concerned? You’d better hope the Bank of We Have No Idea What We’re Doing turns into a trendy wine bar sometime soon.

Christopher Boyd

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.