Sunday, March 23, 2014

Credit card fraud

Credit card fraud is a wide-ranging term for theft and fraud committed using a credit card or any similar payment mechanism as a fraudulent source of funds in a transaction. The purpose may be to obtain goods without paying, or to obtain unauthorized funds from an account. Credit card fraud is also an adjunct to identity theft. According to the United States Federal Trade Commission, while identity theft had been holding steady for the last few years, it saw a 21 percent increase in 2008. However, credit card fraud, that crime which most people associate with ID theft, decreased as a percentage of all ID theft complaints for the sixth year in a row. Although incidence of credit card fraud is limited to about 0.1% of all card transactions, this has resulted in huge financial losses as the fraudulent transactions have been large value transactions. In 1999, out of 12 billion transactions made annually, approximately 10 million—or one out of every 1200 transactions—turned out to be fraudulent. Also, 0.04% (4 out of every 10,000) of all monthly active accounts were fraudulent. Even with tremendous volume and value increase in credit card transactions since then, these proportions have stayed the same or have decreased due to sophisticated fraud detection and prevention systems. Today's fraud detection systems are designed to prevent one twelfth of one percent of all transactions processed which still translates into billions of dollars in losses. In the decade to 2008, general credit card losses have been 7 basis points or lower (i.e. losses of $0.07 or less per $100 of transactions). In 2007, fraud in the United Kingdom was estimated at £535 million.


Initiation of a card fraud

Card fraud begins either with the theft of the physical card or with the compromise of data associated with the account, including the card account number or other information that would routinely and necessarily be available to a merchant during a legitimate transaction. The compromise can occur by many common routes and can usually be conducted without tipping off the card holder, the merchant or the issuer, at least until the account is ultimately used for fraud. A simple example is that of a store clerk copying sales receipts for later use. The rapid growth of credit card use on the Internet has made database security lapses particularly costly; in some cases, millions of accounts have been compromised. Stolen cards can be reported quickly by cardholders, but a compromised account can be hoarded by a thief for weeks or months before any fraudulent use, making it difficult to identify the source of the compromise. The cardholder may not discover fraudulent use until receiving a billing statement, which may be delivered infrequently. Cardholders can mitigate against this fraud risk by checking their account frequently to ensure constant awareness in case there are any suspicious, unknown transactions or activities.

Stolen cards

When a credit card is lost or stolen, it may be utilized for illegal purchases until the holder notifies the issuing bank that the card is lost. Most issuing banks have free 24-hour telephone numbers to encourage prompt reporting. Still, it is possible for a thief to make unauthorized purchases on a card before its cancellation. Without other security measures, a thief could potentially purchase thousands of dollars in merchandise or services before the cardholder or the card issuer realize that the card is in the wrong hands. The only common security measure on all cards is a signature panel, but, depending on its exact design, a signature may be relatively easy to forge. Some merchants will demand to see a picture ID, such as a driver's license, to verify the identity of the purchaser, and some credit cards include the holder's picture on the card itself. In some jurisdictions, it is illegal for merchants to demand card holder identification. Self-serve payment systems (gas stations, kiosks, etc.) are common targets for stolen cards, as there is no way to verify the card holder's identity. There is also a new law that has been implemented that identification or a signature is only required for purchases above $50, unless stated in the policy of the merchant. This new law makes it easier for credit card theft to take place as well because it is not making it necessary for a form of identification to be presented, so as long as the fraud is done at what is considered to be a small amount, little to no action is taken by the merchant to prevent it. A common countermeasure is to require the user to key in some identifying information, such as the user's ZIP or postal code. This method may deter casual theft of a card found alone, but if the card holder's wallet is stolen, it may be trivial for the thief to deduce the information by looking at other items in the wallet. For instance, a U.S. driver license commonly has the holder's home address and ZIP code printed on it. Visa Inc. offers merchants lower rates on transactions if the customer provides a zip code. In Europe, most cards are equipped with an EMV chip which requires a 4 digit PIN to be entered into the merchant's terminal before payment will be authorised. However, a PIN isn't required for online transactions, and is often not required for transactions using the magnetic strip. Requiring a customer's ZIP code is illegal in California, where the state's 1971 law prohibits merchants from requesting or requiring a card-holder's "personal identification information" as a condition of accepting the card for payment. The California Supreme Court has ruled that the ZIP code qualifies as personal identification information because it is part of the cardholder's address. Companies face fines of $250–1000 for each violation. Requiring a "personal identification number" (PIN) may also be a violation. Card issuers have several countermeasures, including sophisticated software that can, prior to an authorized transaction, estimate the probability of fraud. For example, a large transaction occurring a great distance from the cardholder's home might seem suspicious. The merchant may be instructed to call the card issuer for verification, or to decline the transaction, or even to hold the card and refuse to return it to the customer. The customer must contact the issuer and prove who they are to get their card back (if it is not fraud and they are actually buying a product).

Compromised accounts

Card account information is stored in a number of formats. Account numbers – formally the Primary Account Number (PAN) – are often embossed or imprinted on the card, and a magnetic stripe on the back contains the data in machine readable format. Fields can vary, but the most common include:

- Name of card holder
- Account number
- Expiration date
- Verification/CVV code

Card not present transaction

The mail and the Internet are major routes for fraud against merchants who sell and ship products, and affects legitimate mail-order and Internet merchants. If the card is not physically present (called CNP, card not present) the merchant must rely on the holder (or someone purporting to be so) presenting the information indirectly, whether by mail, telephone or over the Internet. While there are safeguards to this, it is still more risky than presenting in person, and indeed card issuers tend to charge a greater transaction rate for CNP, because of the greater risk. It is difficult for a merchant to verify that the actual cardholder is indeed authorising the purchase. Shipping companies can guarantee delivery to a location, but they are not required to check identification and they are usually not involved in processing payments for the merchandise. A common recent preventive measure for merchants is to allow shipment only to an address approved by the cardholder, and merchant banking systems offer simple methods of verifying this information. Before this and similar countermeasures were introduced, mail order carding was rampant as early as 1992.[8] A carder would obtain the credit card information for a local resident and then intercept delivery of the illegitimately purchased merchandise at the shipping address, often by staking out the porch of the residence. Small transactions generally undergo less scrutiny, and are less likely to be investigated by either the card issuer or the merchant. CNP merchants must take extra precaution against fraud exposure and associated losses, and they pay higher rates for the privilege of accepting cards. Fraudsters bet on the fact that many fraud prevention features are not used for small transactions. Merchant associations have developed some prevention measures, such as single use card numbers, but these have not met with much success. Customers expect to be able to use their credit card without any hassles, and have little incentive to pursue additional security due to laws limiting customer liability in the event of fraud. Merchants can implement these prevention measures but risk losing business if the customer chooses not to use them.

Identity theft

Identity theft can be divided into two broad categories: Application fraud and account takeover.

Application fraud

Application fraud happens when a criminal uses stolen or fake documents to open an account in someone else's name without authorization. Criminals may try to steal documents such as utility bills and bank statements to build up useful personal information. Alternatively, they may create counterfeit documents. Quite a few companies have application fraud calls where card members will have previously run their credit report and at that point they are able to see that they currently have an open credit card that they never applied for. At that point they realize that they have had some information taken and have been having their credit score compromised and contact the card company to let them know of the fraud application that was done. At that point the company is held responsible for the fraud that takes place and the card inquiry and balance is removed from the card member's credit report.

Account takeover

Account takeover happens when a criminal tries to take over another person's account, first by gathering information about the intended victim, and then contacting their card issuer while impersonating the genuine cardholder, and asking for mail to be redirected to a new address. The criminal then reports the card lost and asks for a replacement to be sent. Some merchants have introduced a new counter-measure to protect their consumers and their own reputation, where they ask the buyer to send a photocopy of the physical card and statement to ensure the legitimate usage of a card. While these changes are done to reroute the information to the criminal's address for their full usage, the card member is still being held at fault until the fraud is noticed and reported. At that point the company is able to look back in the card members history and determine when the fraud began and what the card member would be responsible for and what they will not, along with any suspects that may have done the fraud.

Skimming

Skimming is the theft of credit card information used in an otherwise legitimate transaction. The thief can procure a victim's credit card number using basic methods such as photocopying receipts or more advanced methods such as using a small electronic device (skimmer) to swipe and store hundreds of victims’ credit card numbers. Common scenarios for skimming are restaurants or bars where the skimmer has possession of the victim's credit card out of their immediate view. The thief may also use a small keypad to unobtrusively transcribe the 3 or 4 digit Card Security Code, which is not present on the magnetic strip. Call centers are another area where skimming can easily occur.Skimming can also occur at merchants such as gas stations when a third-party card-reading device is installed either out­side or inside a fuel dispenser or other card-swiping terminal. This device allows a thief to capture a customer’s cred­it and debit card information, including their PIN, with each card swipe. Instances of skimming have been reported where the perpetrator has put over the card slot of an ATM (automated teller machine) a device that reads the magnetic strip as the user unknowingly passes their card through it. These devices are often used in conjunction with a miniature camera (inconspicuously attached to the ATM) to read the user's PIN at the same time. This method is being used very frequently in many parts of the world, including South America, Argentina, and Europe. Another technique used is a keypad overlay that matches up with the buttons of the legitimate keypad below it and presses them when operated, but records or wirelessly transmits the keylog of the PIN entered. The device or group of devices illicitly installed on an ATM are also colloquially known as a "skimmer". Recently-made ATMs now often run a picture of what the slot and keypad are supposed to look like as a background, so that consumers can identify foreign devices attached. Skimming is difficult for the typical cardholder to detect, but given a large enough sample, it is fairly easy for the card issuer to detect. The issuer collects a list of all the cardholders who have complained about fraudulent transactions, and then uses data mining to discover relationships among them and the merchants they use. For example, if many of the cardholders use a particular merchant, that merchant can be directly investigated. Sophisticated algorithms can also search for patterns of fraud. Merchants must ensure the physical security of their terminals, and penalties for merchants can be severe if they are compromised, ranging from large fines by the issuer to complete exclusion from the system, which can be a death blow to businesses such as restaurants where credit card transactions are the norm.

Carding

Carding is a term used for a process to verify the validity of stolen card data. The thief presents the card information on a website that has real-time transaction processing. If the card is processed successfully, the thief knows that the card is still good. The specific item purchased is immaterial, and the thief does not need to purchase an actual product; a web site subscription or charitable donation would be sufficient. The purchase is usually for a small monetary amount, both to avoid using the card's credit limit, and also to avoid attracting the card issuer's attention. A website known to be susceptible to carding is known as a cardable website. In the past, carders used computer programs called "generators" to produce a sequence of credit card numbers, and then test them to see which were valid accounts. Another variation would be to take false card numbers to a location that does not immediately process card numbers, such as a trade show or special event. However, this process is no longer viable due to widespread requirement by internet credit card processing systems for additional data such as the billing address, the 3 to 4 digit Card Security Code and/or the card's expiration date, as well as the more prevalent use of wireless card scanners that can process transactions right away. Nowadays, carding is more typically used to verify credit card data obtained directly from the victims by skimming or phishing. A set of credit card details that has been verified in this way is known in fraud circles as a phish. A carder will typically sell data files of the phish to other individuals who will carry out the actual fraud. Market price for a phish ranges from US$1.00 to US$50.00 depending on the type of card, freshness of the data and credit status of the victim.

BIN attack

Credit cards are produced in BIN ranges. Where an issuer does not use random generation of the card number, it is possible for an attacker to obtain one good card number and generate valid card numbers by changing the last four numbers using a generator. The expiry date of these cards would most likely be the same as the good card.

Tele phishing

Scammers may obtain a list of individuals with their name and phone number luring victims into thinking that they are speaking with a trusted organization handing over sensitive information such as credit card details. Scamming has moved from landlines to cellphones in recent years. One popular tactic is to claim that they are from the "Card Services" division of one, or any number of popular banks, and are "verifying" your account information so that they can provide you a lower interest rate. Scammers can be very convincing, aggressive, and tireless in their efforts, often organized into large but clearly mobile call centers.

Balance transfer checks

Some promotional offers include active balance transfer checks which may be tied directly to a credit card account. These are often sent unsolicited, and may occur as often as once per month by some financial institutions. In cases where checks are stolen from a victim's mailbox they can be used at point of sales locations thereby leaving the victim responsible for the losses. They are one path at times used by fraudsters.

Fraudulent charge-back schemes

There is a class of email spam (usually sent to commercial / corporate email addresses) where the spammer makes an offer to purchase goods (usually not specifically identified) from a vendor. In the email, the spammer makes it clear that they intend to pay for the goods using a credit card. The spammer provides the shipping address for the goods, and requests a product and price-list from the vendor in the initial email. It has been speculated that this is some form of charge-back scheme, whereby the spammer is using a valid credit card but intends to request a charge-back to reverse the charge while at the same time retaining the goods that were shipped to them.

Unexpected repeat billing

When a card holder buys something from a vendor and expects the card to be charged only once, a vendor may charge the card a small amount multiple times at infrequent intervals such as monthly or annually until the card expires. The vendor may state in the fine print that the customer is now a "member" and the membership will be renewed periodically unless the card holder notifies the vendor in accordance with a cancellation procedure in the "membership agreement" which the card holder agreed to when they made the initial purchase. Because the periodic charges are unexpected, infrequent, and small, most card holders will not notice the charges. If a card holder complains to the bank that the charges were unauthorized, the bank will notify the vendor of the disputed charges and the vendor will respond that the card holder never cancelled the "membership" which the card holder agreed to. Since most card holders have no idea what the cancellation procedure is and the vendor will reveal it only to new customers, the bank will not reverse the charges, but instead will offer to cancel the credit card and reissue it with a different account number or expiration date. Unexpected repeat billing is in a gray area of the law, depending on whether the customer legitimately agreed to the charges.

Profits, losses and punishment

United States

Cardholder liability

In the US, federal law limits the liability of card holders to $50 in the event of theft of the actual credit card, regardless of the amount charged on the card, if reported within 60 days of receiving the statement. In practice many issuers will waive this small payment and simply remove the fraudulent charges from the customer's account if the customer signs an affidavit confirming that the charges are indeed fraudulent. If the physical card is not lost or stolen, but rather just the credit card account number itself is stolen, then Federal Law guarantees card holders have zero liability to the credit card issuer.

Merchants

The merchants and the financial institutions bear the loss. The merchant loses the value of any goods or services sold, and any associated fees. If the financial institution does not have a chargeback right then the financial institution bears the loss and the merchant does not suffer at all. These losses incline merchants to be cautious and often they ban legitimate transactions and lose potential revenues. Online merchants can choose to apply for additional services that credit card companies offer, such as Verified by Visa and MasterCard SecureCode. However, these are fiddly for consumers so there is a trade-off of making a sale easy and making it secure. The liability for the fraud is determined by the details of the transaction. If the merchant retrieved all the necessary pieces of information and followed all of the rules and regulations the financial institution would bear the liability for the fraud. If the merchant did not get all of the necessary information they would be required to return the funds to the financial institution. This is all determined through the credit card processory.

United Kingdom

In the UK, credit cards are regulated by the Consumer Credit Act 1974 (amended 2006). This provides a number of protections and requirements. Any misuse of the card, unless deliberately criminal on the part of the cardholder, must be refunded by the merchant or card issuer.

Credit card companies

To prevent being "charged back" for fraud transactions, merchants can sign up for services offered by Visa and MasterCard called Verified by Visa and MasterCard SecureCode, under the umbrella term 3-D Secure. This requires consumers to add additional information to confirm a transaction. Often enough online merchants do not take adequate measures to protect their websites from fraud attacks, for example by being blind to sequencing. In contrast to more automated product transactions, a clerk overseeing "card present" authorization requests must approve the customer's removal of the goods from the premise in real time. Credit card merchant associations, like Visa and MasterCard, receive profits from transaction fees, charging between 0% and 3.25% of the purchase price plus a per transaction fee of between 0.00 USD and 40.00 USD. Cash costs more to bank up, so it is worthwhile for merchants to take cards. Issuers are thus motivated to pursue policies which increase the money transferred by their systems. Many merchants believe this pursuit of revenue reduces the incentive for credit card issuers to adopt procedures to reduce crime, particularly because the cost of investigating a fraud is usually higher than the cost of just writing it off. These costs are passed on to the merchants as "chargebacks". This can result in substantial additional costs: not only has the merchant been defrauded for the amount of the transaction, he is also obliged to pay the chargeback fee, and to add insult to injury the transaction fees still stand. Merchants have started to request changes in state and federal laws to protect themselves and their consumers from fraud, but the credit card industry has opposed many of the requests. In many cases, merchants have little ability to fight fraud, and must simply accept a proportion of fraud as a cost of doing business. Because all card-accepting merchants and card-carrying customers are bound by civil contract law there are few criminal laws covering the fraud. Payment transfer associations enact changes to regulations, and the three parties— the issuer, the consumer, and the merchant— are all generally bound to the conditions, by a self-acceptance term in the contract that it can be changed.

Merchants

The merchant loses the goods or services sold, the payment, the fees for processing the payment, any currency conversion commissions, and the amount of the chargeback penalty. For obvious reasons, many merchants take steps to avoid chargebacks—such as not accepting suspicious transactions. This may spawn collateral damage, where the merchant additionally loses legitimate sales by incorrectly blocking legitimate transactions. Mail Order/Telephone Order (MOTO) merchants are implementing Agent-assisted automation which allows the call center agent to collect the credit card number and other personally identifiable information without ever seeing or hearing it. This greatly reduces the probability of chargebacks and increases the likelihood that fraudulent chargebacks will be successfully overturned.

Famous credit fraud attacks

Between July 2005 and mid-January 2007, a breach of systems at TJX Companies exposed data from more than 45.6 million credit cards. Albert Gonzalez is accused of being the ringleader of the group responsible for the thefts. In August 2009 Gonzalez was also indicted for the biggest known credit card theft to date — information from more than 130 million credit and debit cards was stolen at Heartland Payment Systems, retailers 7-Eleven and Hannaford Brothers, and two unidentified companies. In 2012, about 40 million sets of payment card information were compromised by a hack of Adobe Systems. In July 2013, press reports indicated four Russians and a Ukrainian were indicted in New Jersey for what was called “the largest hacking and data breach scheme ever prosecuted in the United States.” Between Nov. 27, 2013 and Dec. 15, 2013 a breach of systems at Target Corporation exposed data from about 40 million credit cards. The information stolen included names, account number, expiry date and Card security code From 16 July to 30 October 2013, a hacking attack compromised about a million sets of payment card data stored on computers at Neiman-Marcus.

Countermeasures

Countermeasures to combat credit card fraud include the following.

By merchants:

- PAN truncation – not displaying the full number on receipts
- Tokenization (data security) – not storing the full number in computer systems
- Requesting additional information, such as a PIN, ZIP code, or Card Security Code
- Perform geolocation validation, such as IP address
- Use of Reliance Authentication, indirectly via PayPal, or directly via iSignthis or miiCard.

By card issuers:

Fraud detection and prevention software) that analyzes patterns of normal and unusual behavior as well as individual transactions in order to flag likely fraud. Profiles include such information as IP address. Technologies have existed since the early 1990s to detect potential fraud. One early market entrant was Falcon; other leading software solutions for card fraud include Actimize, SAS, BAE Systems Detica, and IBM.

Fraud detection and response business processes such as:

Contacting the cardholder to request verification. Placing preventative controls/holds on accounts which may have been victimized. Blocking card until transactions are verified by cardholder. Investigating fraudulent activity

Strong Authentication measures such as:

Multi-factor Authentication, verifying that the account is being accessed by the cardholder through requirement of additional information such as account number, PIN, ZIP, challenge questions,Out-of-band Authentication, verifying that the transaction is being done by the cardholder through a "known" or "trusted" communication channel such as text message, phone call, or security token device, Industry collaboration and information sharing about known fraudsters and emerging threat vectors

By Governmental and Regulatory Bodies:

Enacting consumer protection laws related to card fraud. Performing regular examinations and risk assessments of credit card issuers. Publishing standards, guidance, and guidelines for protecting cardholder information and monitoring for fraudulent activity. Regulation, such as that introduced in the SEPA and EU28 by the European Central Bank's 'SecuRE Pay' requirements and the Payment Services Directive 2 legislation.

By cardholders:

Reporting lost or stolen cards. Reviewing charges regularly and reporting unauthorized transactions immediately. Installing virus protection software on personal computers. Using caution when using credit cards for online purchases, especially on non-trusted websites. Keeping a record of account numbers, their expiration dates, and the phone number and address of each company in a secure place.

Additional technological features:

- EMV
- 3-D Secure
- Strong authentication

GOOD DAY TO YOU BENEFICIARY,

GOOD DAY TO YOU BENEFICIARY,

Good day to you, Zenith Bank Plc is informing you of your long over-due fund which you have been finding difficult to receive via a Certified Bank Draft issued by zenith bank Plc. Now We have arranged your payment through our International ATM CARD PAYMENT CENTER in Europe, America, Africa and Asia Pacific, this is part of an instruction/mandate passed by the Senate in respect to overseas contract payment and debt re-scheduling. Now your conduct code is ATM 104 We shall send you an International Swift ATM CARD ( Master Card) from zenith Bank Plc which you are to use in accessing your funds via any ATM MACHINE located any where in the world. And your maximum withdraw daily will be Five Thousand United States Dollars($5,000.00) valued sum at Four Million Five hundred thousand United States Dollars {$4,500,000.00} which has been programmed in the card already to you as our beneficiary.

GUIDE LINE: immediately the release of your ATM MasterCard from the bank which has been activated and deposited in Adelaide South Australia already with your total value amount {$4,500,000.00USD},your processing officer MR JAMES ROWLAND will provide you the attached followings, ATM MasterCard copy,(CRESTED IN YOUR NAME) and with the bank name,including his identification card,to clarify the legitimacy of this funds to you.

EMAIL :mrssarahjones@outlook.com
DIRECT TEL-NUMBER:(+44-703-192-0106)

NOTE: once your ATM MasterCard is release with all the listed document from your processing officer, all you need to do is get your APPROVAL SECURITY ORDER CERTIFICATE and your DIPLOMATIC COURIER CHARGE. it will be needed in
your name to complete your papers and secure your shipment safely in 48hrs once you get this said Approval. You are to send the required fee of $600usd to get your Approval security order and for your diplomatic service to your doorstep.
Send the fee with the information below,

RECEIVER'S NAME: Ronald Lane
CITY/COUNTRY: Adelaide South Australia
TEXT QUESTION: To who
TEXT ANSWER: Ronald
MTCN$600USD: .................

Kindly re-confirm your details so as to facilitate immediate release from Zenith Bank
immediately.

(1) Your Full Name :
(2) Full Residential Address : (P.O.BOX NOT ALLOWED)
(3) Direct and Current Phone :
(4) Nationality :
(5) Present Country :
(6) passport identification:

Once again the Approval Security Order Certificate and your Diplomatic Courier charge ($600usd) is all you need before shipping your card to your door destination for withdraw usage. Please be regular on your email so we can use in contacting, before 1week to confirm your payment with you.

THANKS,
MRS SARAH JONES.

Kindly Re-confirm This To Me.

UNITED NATIONS OFFICE OF INTERNATIONAL OVERSIGHT SERVICES
Internal Audit,Monitoring,Consulting And Investigations Division.
Attn: Kindly Re-confirm This To Me.

The sum of $4.5 million out of your over due total sum has been approved for payment through ATM cash card system after all attempts to pay you through bank, and diplomatic courier failed. The approved sum has been programmed into the ATM cash card which will be dispatched to you through your address upon reconfirmation. We have made several attempts to contact you and this is the 3rd and perhaps the last email to you in respect to this matter. Meanwhile, we received a power of attorney from one JOHN GRIMLEY from USA purportedly issued by you asking us to change the fund beneficiary to his name hence we are seeking for your confirmation as soon as possible. To this end, you should Kindly Re-confirm these information to me.

E-Mail: danielscott1100@gmail.com (REPLY TO THIS E-MAIL ONLY).
Mr. Daniel Scott
+234-7044913221

(1) Your Full Names:-
(2) Address:-
(3) Your Phone Numbers:-

NOTE: The actual fees for shipping your ATM card is just $275 nothing more and no hidden fees of any sort! Upon receipt of payment the delivery officer will ensure that your package is sent within 24 working hours. Because we are so sure of everything we are giving you a 100% money back guarantee if you do not receive payment/package within the next 24hrs after you have made the payment for shipping.

Yours In Service,

Ms. Carman L. Lapointe
{Under-Secretary-General).

*************************************

*******************

Confidentiality Notice: This email is the property of the sender. It contains information that is not public knowledge and should only be used for internal purposes. Disclosure of this information to anyone outside of the intended recipient is prohibited. Please consider the environment before printing this message.

APPROVED

UNITED NATIONS / WORLD BANK ORGANIZATION
United Nations House, 617/618.
Diplomatic Zone,
Central Area District,
Federal Capital Territory,
Abuja, Nigeria.
Our Ref: YBNGWB/UN/2012.
Dear Beneficiary,

APPROVED COMPENSATION PAYMENT AWARD OF US$25M

This is to inform you that a Debit Cash Card Number 7876310003001420 Valued at $25 Million United States Dollars has been accredited in your favor. Please contact Mr. Lancelot Ego, Email: info_atmoffice113@yahoo.com.hk with the following information to facilitate your claims:

FULL NAME:
AGE:
GENDER:
ADDRESS:
COUNTRY:
OCCUPATION:
MOBILE NUMBER:

Best Regards,
Mr. Samson Adekunle.
CIV NAVSUBTORPFAC YORK.
UNITED NATIONS / WORLD BANK ORGANIZATION.

From Barrister John Koffi

Attention:

My name are, Advocate.John Koffi, a lawyer in Republic of Benin Republic. Mr.Clement , was a gold matchant and also my client before his death which was a result of lung cancer.

Now I want to present you as the next of kin, to my late client Bank management so that the money left behind by my late client will immediately transfer to your account through my assistance by presenting you to the bank.

The money value of Ђ7.5Million (Seven million five hundred thousand Europian states dollars) was deposited in a bank here by my late client, before his Death on 23 November2010.Please mail me back on this my private email address ( koffijohnbarrister@yahoo.fr ) for more explanation and details.

Best regards,

Advocate John Koffi

Greeting from U.S Embassy,

U.S. Department United States

Embassy Seal
Greeting from U.S Embassy,

THIS MAIL IS ONLY FOR THE OWNER OF THIS E-MAIL ADDRESS

Attention:Beneficiary,

Please i want to inform you that your fund was brought to my desk this morning because the director of the western union here in Nigeria said that they will divert your fund to the Government Treasury account just because you failed to pay for their fee of your fund which is just $105.00 only. But i told them to wait until i hear from you today so that i will know the reason why you rejected such amount of money $7.5m which will change your life just because of $105.00

I want your urgent response as soon as you receive this email and explain to me the reason why you should abandon your fund or if you don't need it then i can change your name to another person so that the corrupt Government officials of Nigeria will not claim this money for their selfish interest.

YOUR FULL CONTACT INFORMATION IS NEEDED.

Your Full Name:_______}
Your Private Phone Number:_____}
Home Address:_______}
Sex/Occupation:______}
Age:_______}
Your Identification Id:____}

I will wait to hear from you now.

Mr. James F. Entwistle.
United States Ambassador to {Nigeria}
E-mail:-{ chicagous.atm46@gmail.com }
Nigeria PEPFAR Logo: Benin and Americans in Partnership to Fight HIV/AIDS

here is the security code of your ATM master card (1470)

Attn: Beneficiary,

I wish to inform you that your total fund worth the sum of Six Hundred Thousand GBP (€600,000.00pounds) has been converted to an ATM master card in C/O OCEANIC BANK plc ATM dept.Republic Du Benin.Therefore, you should be informed that i have today being 22th March.2014 deposited your ATM master card with the EMS courier company Republic Du Benin.Now,all you need to do is contact the EMS on their information below,Meanwhile, here is the security code of your ATM master card (1470)please, bellow are the information needed from you by the EMS EXPRESS LINK SERVICE COMPANY to enable them proceed with the delivery of your ATM master card to your door step.

Note: you must endeavor to reconfirm to them your full information as stated below so that there will be no mistake during the delivery by the diplomat.

1. Your Full Name
2. Country / Location
3. A Copy of Your ID or Pass-port.
4. Address:
5. Current phone number for easy communication.

Contact Person Mr.Uba James
E-mail:atm.department2014@yandex.ru

Warm regards,
Prof. Ben Geff.

I WARMLY GREET YOU.

Dear Friend,

I warmly greet you.

Please forgive me if my plea sounds a little strange or unbelievable to you. My family attorney who could have handled the process of executing my WILL & TESTAMENT on my behalf died early this year after a protracted illness. I therefore prayed fervently and by the special grace of GOD, I got your email ID from your country's guest book. I am Mrs. Mary Elizabeth Olivia, a native of Australia, I am 58 years old. I am suffering from protracted cancer of the lungs which has also affected part of my brain cells due to complications. From all indication, my condition has deteriorated and it is quite obvious according to my doctors that i may not live for the next couple of months, because my condition has gotten to a critical and life threatening stage. I was orphaned at the age of four and was raised in an orphanage. I was married to my late husband Engineer. Steve Olivia for twenty years without a child. STEVE had cardiovascular condition and died of cardiac arrest few years ago.I am a fervent Believer and a God fearing woman just like my late husband. Steve and i lived in Nigeria for over 18 years, where my husband a petrochemical engineer by profession worked and rose through the ranks to become an executive director with a multinational construction and oil servicing conglomerate, before his demise. He also established huge private investments that i assisted in managing. Sequel to the unfortunate and shocking demise of my priceless husband, i decided as a rule not to re-marry. when my cancer ailment became terminal & more so because i do not have a next of kin to bequeath all that STEVE & i labored for, I sold off all our choice properties and other inherited belongings comprising of a shopping mall, an hotel, shares, bonds, jewelries and other valuable family treasures and deposited the proceeds amounting to USD$10,000,000.00 (TEN MILLION DOLLARS ONLY) with First Inland Bank of Nigeria plc. As i write this fund is still deposited with the bank. The management of the bank just wrote me as the sole owner because of the unserviceable status of the fund and suggested to me in a 2 paragraph statement to issue a letter of authorization to someone who can manage the fund on my behalf because of my ill health and also threatened that the fund could be confiscated upon my failure to adhere to their Banking rules and regulations within a stipulated time frame. I am presently at the intensive care unit of a London hospital, located at Fulham road in west London. It is the leading cancer treatment hospital in the world and i have been undergoing treatment there for late-stage terminal cancer of the lungs. I am computer literate and was fortunate enough to have my personal laptop with me, hence I am writing from my sick bed. I rarely talk; my doctors told me that I have only few months to live, unless there is a divine intervention. It is my last WISH therefore to see that 90% of this fund is invested in any charitable organization of your choice and administered as you may deem fit, especially to the orphanage homes and homes for destitute and the mentally retarded. you can also extend some part of the funds to churches and mosques and to those struck by natural disaster, if you wish.10% of the fund could also be expended on cost of administration of WILL & TESTAMENT and also on logistic support and other sundry arrangements that you may require as soon as the fund I crave your indulgence as a God fearing individual and as someone who cares for the less-privileged as much as i do, to take it upon yourself and use this fund for the above mentioned purposes, I took this painstaking decision in other to help humanity in my little capacity before i rest in peace in the bosom of GOD almighty. According to my physicians my time will soon be up. As soon as I receive your reply and personal information as listed below, I shall give you the official contact of the First Inland Bank plc officials, to enable you contact the Bank without delays. I will also issue you with a letter of authorization, so that my bankers will recognize your status as the new beneficiary of the fund.The letter of authorization will further prove that you are the new beneficiary of my ESTATE, WILL & TESTAMENT. the funds have an open beneficiary mandate and as such, it is whom i authorize or appoint to act on my behalf that the bank will recognize and release the funds to.Please assure me that you will not treat this offer with levity but will rather give my bequest continued existence.

SEND THE INFORMATION IN THIS ORDER:

(1) Your full names: ==================================================
(2) Personal or official contact address:===============================
(3) Home or Office phone#:============Cell phone#:==========Fax#:=======
(4) Your Age: ==========================================================
(5) Occupation:=========================================================
(6) Sex/Marital status:=================================================
(7) Private E-mail Address: ============================================

Awaiting your kind response while craving your appreciation of my predicament.

Your Friend In Christ,

Mrs. Mary Elizabeth Olivia.
(Australia)
Private Email: mrs.marye@aol.com

PLEASE I NEED YOUR ASSISTANCE!!!

Hello ,

I am sorry to bother you but by His grace and inspiration, I contacted you. My name is Janet Taylor. from Ivory Coast. I am 17years old and the only child of my late parents late {Chief and Mrs. GABRIEL TAYLOR} I do not know my mother, she died when I was a baby.

My father established his cocoa business in Accra Ghana, and he died shortly of heart attack his death has now made me orphan and I am exposed to danger. Before the unfortunate death of my father, he called me on his bedside and reveal to me about some funds $8.5 million U.S .Dollars and gold dust which he kept inside two metallic boxes which he deposited with a Security Company in Benin Republic Cotonou all in West Africa as a family treasure.

Since the death of my father, my uncles have sent me out of our house; they said that I am a female child that I do not have any rite in the family as demanded by the custom and tradition in Africa. Presently I am living with a pastor and his family in Benin Rep.

My father said he used my name as his only child as his next of kin to the deposit and in case he fails to make it that I should take care of myself and get someone to help me invest the money for me. I have all the papers with me here and the key to the boxes, my father did not disclose the content of the two trunk boxes to the security company to avoid the officials from raising eye brows to the funds. Presently I have contacted the security company about the claim but the security company told me that my father made an agreement with the company management that they should not release the two trunk boxes to me without a foreign partner that is why I am seeking for your assistance to help me stand before the company as my foreign beneficiary partner or my guardian to receive the trunk boxes in your country so that I can come over to meet you and continue my education.

Please help me and stand for me as my guardian and contact the security company. I will love it most if you will come down here so that after the transaction I will go back to stay with you in your country for a better future. Willingly your percentage is sure as compensation for your help but most important is to get the funds out from the security company and you are still going to be the one to help me invest the money since I do not have any idea about investment.
Expecting your soonest respond,please kindly get back to me on my private email:(miss.j_taylor@outlook.com)

Regards,
Yours Faithfully,
Sis.Janet Taylor.

---
This email is free from viruses and malware because avast! Antivirus protection is active.
http://www.avast.com

VERY CONFIDENCIAL, RESPOND BACK URGENTLY

OFFICE OF FEDERAL GOVERNMENT
(INTERNAL REVENUE BOARD)
PLOT 270 OZUMBA MBADIWE,
GARIKI, ABUJA F.C.T NIGERIA

ALLOCATED PAYMENT/TRANSFER OF US$5.5 MILLION.

Good Day Dearest.

After a careful verification on your Contract/Inheritance payment file through our central computer monitoring index as mandated by the presidency of Federal Republic of Nigeria Today, I discovered that it shall take a long process for your payment to be released due to some abnormalities detected in your contract file, during the secret verification process from Central Bank of Nigeria CBN. However, I realized that you have spent so much money and time in trying to actualize your goal of been paid which did not even reflect in your file, but I have an offer that might interest you which will at least sustain you financially pending until when you receive your contract payment. This offer arose from the Federal Government reserve vault under my care. It is a total sum of $5.500, 000.00 usd (Five million, Five Hundred United States Dollars Only), which will be shared between you and I in the ratio of 60%-40%.

NOTE: This amount in deal is not from your Contract/ Inheritance sum or has any thing related to your contract payment, rather it is a left over from the Allocated sum used in paying Local and Foreign CONTRACTORS/INHERITANCE Beneficiaries and it is directly under my custody. I am offering you this because I have seen that you are a committed contractor and your contract funds will not be released on time until all the abnormalities are rectified in presidency office. The only thing needed for this $5.500, 000.00 usd (Five million, Five Hundred United States Dollars Only) is to be swiftly wired into your account under 72 hours or any choice of your receiving, which is different from what you already have in your contract file. We shall legally accredited / normalize at the Federal High Court of Justice as a diplomatic account in accordance to the rules and regulation of the Federal Government’s Financial act as amended by fund-in-transit act of 8000. Already all modalities are in place to register this transaction as a diplomatic compensation.

Be adequately informed that this is not YOUR CONTRACT/INHERITANCE PAYMENT therefore, there will be no bureaucracy or misfortune. Please note that if you desire to accomplish this transaction with me, just reach me immediately on the above telephone +234 703 103 2062 with your updated Bank Account OR choice of receiving the funds. Once more, be rest assured that this transaction will take us just 96 banking working hours to be consummated provided you are committed to work with me.

Fill the following information and return it back with a copy of your International Passport/Drivers Lenience

i) SURNAME:
ii) FIRST NAME:
iii) LAST NAME:
iv) MOBILE PHONE NUMBER:
v) NATIONALITY:
vi) OCCUPATION:
vii) BANK ACCOUNT DETAILS:
viii) BANK ADDRESS:

Please due respond immediately if you care to carry this deal with me in peaceful way or call me with my Phone number +234 703 103 2062 for more discussion .

Sincere wishes and best regards

MR. DONATUS JERRY
Public Affairs Commission
OFFICE OF FEDERAL GOVERNMENT
INTERNAL REVENUE BOARD