A recent phishing campaign targeting individuals in North America interested in purchasing second-hand pianos has been identified.
Description
The scammers offer a free piano [1] [3] [4] [5] [6] [7] [8], claiming personal reasons such as a family death, to deceive victims into paying for shipping through various methods, including cryptocurrency [1] [2] [4] [5] [7] [8]. This scheme is a precursor to an advance fee fraud scam [7], commonly known as 419 scams, often originating from Nigeria [7] [8]. The scammers use fake shipping companies and offer payment options such as Zelle [4] [5], PayPal [3] [4] [5] [6], Apple Pay [3] [4] [5] [6], and cryptocurrency [1] [2] [3] [4] [5] [6] [7] [8]. At least one Bitcoin wallet used by the scammers has processed transactions totaling close to a million dollars. The fraudulent emails come from free webmail accounts and target students [4] [7], faculty [1] [2] [3] [4] [5] [6] [7] [8], and various industries in North America [3] [4] [8]. Victims who respond to the offer end up paying hundreds of dollars to the fraudsters and providing sensitive information that can be used for identity theft [4]. Recipients are advised to exercise caution when receiving unsolicited emails that seem too good to be true and to be vigilant against suspicious content and sender addresses. Proofpoint has identified the scam as ongoing and targeting students and faculty at colleges and universities [5], as well as other industries [1] [5] [7]. The scammers behind the operation are likely based in Nigeria [5], with a Bitcoin address used to receive payments totaling $900,000 [4] [5]. Security researchers at Proofpoint have uncovered a series of fraudulent email campaigns using piano-themed messages to lure victims into advance fee fraud (AFF) scams [2]. These scams target students and faculty at North American colleges and universities [1] [2] [5], as well as other sectors like healthcare and food services [2]. Scammers have sent over 125,000 deceptive emails this year [2], offering free pianos under false pretenses and coercing victims to pay upfront for shipping costs via various payment channels [2], including cryptocurrency [1] [2] [4] [5] [7] [8]. Proofpoint’s investigation revealed at least one Bitcoin wallet with over $900,000 in transactions [2] [3] [6], indicating the involvement of multiple threat actors [2], some of whom are traced back to Nigeria [2]. These AFF scams [2], also known as “419” scams [2] [3] [7] [8], rely on elaborate narratives to deceive victims into making payments for promised benefits that never materialize [2]. Vigilance is crucial when encountering unsolicited emails promising unrealistic rewards [2], as they often serve as bait for malicious schemes [2].
Conclusion
This phishing campaign targeting individuals interested in purchasing second-hand pianos highlights the importance of vigilance and caution when dealing with unsolicited emails. The impact of falling victim to such scams can result in financial loss and potential identity theft. It is essential for recipients to be aware of suspicious content and sender addresses, and to refrain from engaging with offers that seem too good to be true. Moving forward, continued education and awareness about phishing scams are crucial in mitigating the risks associated with online fraud.
References
[1] https://securityboulevard.com/2024/05/scammers-build-fraud-campaigns-around-free-piano-offers/
[2] http://techxmedia.com/beware-piano-themed-scams-targeting-universities-and-beyond/
[3] https://securitymea.com/2024/05/29/piano-themed-malicious-campaigns-luring-people-into-advance-fee-fraud-scams/
[4] https://me.pcmag.com/en/security/23834/free-piano-nope-its-just-an-email-scam-out-to-extract-cash-personal-data
[5] https://uk.pcmag.com/security/152531/free-piano-nope-its-just-an-email-scam-out-to-extract-cash-personal-data
[6] https://www.proofpoint.com/us/blog/threat-insight/security-brief-sing-us-song-youre-piano-scam
[7] https://www.computerweekly.com/news/366586694/Proofpoint-exposes-AFF-scammers-piano-gambit
[8] https://www.infosecurity-magazine.com/news/aff-targets-colleges-free-piano/
