This post is being written explicitly for singles, widowers as they are the most easiest type of people to get sucked into this kind of scam.So hopefully, the post will enable people to take proper precautions.
Just like millions of users who are undated with endless flow of information (in other words garbage because you don’t have time) I too am usually swept in this unending information flow.I have to admit I was swinging between publishing this post or not for last two months (since the knowledge of the scam.)
As being a net citizen I try to keep up with the various types of scam and had heard about ‘Aishwarya Rai’ scam and those kinds of scams. The idea is/was simple, you make a throwaway e-mail id from one of the various free e-mail services, give some other name and take a beautiful photo of any of our beautiful actresses and pretend they are somebody else. So this was in back of my mind.
So about two months back I got a nice e-mail from a certain Lt. Gen. Susan Helms. The photograph was attractive, but as week-days are hell for me, I usually keep interesting mails to see on the week-end in detail.
While I removed the mail after informing google that it was spam, I do recollect some of the content of the mail. What struck me on the mail was, that it was very generic, claiming s/he found my profile on my site without stating which site. The language in grammar was okish but as I have spoken with Indian and American Military people, I do know they try to keep a higher standard for the language. So that was what seemed off at first. Also being a rational person, I couldn’t believe a person in authority such as Lt. Gen. Susan Helms. would mail me. I doubted she would have lack of company both the way she looked as well as the authority she had. If some of you have seen and known me, I don’t think anybody in their right mind or left would mistake me to have the physique of Mr. Salman Khan or any greek god.
Hence, the second thing I did was to take the photograph and run it through images.google.com . Google provides a service where it takes any photograph and runs through it databank and sees if there is a duplicate of that photo in any website it will try to show you. The first hit was the duplicate :-
Going through the source I came to know that indeed she was military personnel and one who had been in the news quite a bit. I did take an interest in her after I came to know of the scam and she was recently in the news . Anyways, finding that photograph from public domain, that too wikipedia made me more suspicious. The next thing I did was look at the origin of the e-mail. While I don’t know if yahoo provides the same service or not, Gmail does have the show original link. The show original link exposes the header of the email. For people like me, it is a gold mine as you can know a lot from the header. There were number of things in the header which was inconsistent with the content of the letter. The IP origination was somewhere else (either Nigeria or Malaysia) but not Iraq where the person had claimed s/he was writing from. Also there was presence of others which also led to the conclusion that this is Spam.
An example of where the IP from header is in the original mail. The following is an extract from gog.com . GOG is a gaming site, I used to visit it in the past and do get emails still now and then.
Received: from gogcom-batch-2.atm.gog.com (gogcom-batch-2.atm.gog.com. [220.127.116.11])
Now once you get the IP you can use whois to find out where that IP dissolves to :-
$ whois 18.104.22.168 | grep netname
The whole investigation on the email might have taken less than 20-30 minutes but it left a sour taste in mouth. This was a very basic social attack/spam but increasingly the scammers are going to become more sophisticated. At the end, I just came to know of a site which tells the same stories. Even if 1-2 people become safe from such scams I would say the post benefited.