Scamming the Scammer: A Fun Way to Respond to a 419 Scam

by The Piano Guy

I had an experience today that may be instructive on how to deal with scammers.

Someone tried to make me the victim of a Nigeria 419 scam.  I didn't fall for it, and instead got to scam the scammer.  As a student in IT security and information assurance, this felt good to do.

As you would expect, all names have been changed to protect the privacy of everyone involved.  My friend's name isn't Matt, my folks weren't prescient enough to name me Piano Guy, and the scammer wasn't named "[Scammer Replaced Name]."  Prosecutions are underway through Homeland Security (no joke), so privacy is required.

A few days ago, I was asked by a friend to re-friend him on Facebook.  I figured that he had a problem with his account, so I did.  The next day, I saw a post from him wondering why he had been getting questions from people about him re-requesting to be Facebook friends.  Now, I like this guy, but it isn't like we talk every day, so I didn't make the connection.  In reality, I should have questioned the re-friend request.

The lesson I learned from this is that if someone you think you are friends with on Facebook re-requests your friendship, look them up and see if you're currently in their friends list.  If you are, that second request is from someone else who has cloned their account.

Today, while sitting home looking for more computer clients, I got a chat from the scammer:

12:00 pm

PG: Hello, Piano Guy

NIG: How are you doing today?

I am doing well. How are you doing today?

I'm okay, but not too well here.
I am sorry I didn't inform you about my traveling for a program called Science, Health and Environmental Reporting.
It is currently held in Nigeria, Sweden, and Kenya.  
I am presently in Nigeria.

At this point, I knew for sure someone was trying to scam me.

This friend in no way, shape, or form would be in a position to do this.  I looked up his number so I could call him and confirm he was home.

12:02 pm

Seriously? I had no idea.

Yes!
It has been a very sad and bad moment for me because I got robbed on my way to the hotel where i lodged.
My ID, cash and other valuables i have with me got stolen, I contacted the embassy here to help me out, 
but it will take some time to get back to me.

Really? Are you there alone?

Yes

Wow. That's horrible.

I reached the friend on the phone.  He told me about having had his profile stolen on Facebook, and that they could do nothing about it.  He was fuming.

I decided to see if I could roll with it, and eventually turn it around on the scammer.  Now, this is a dangerous game I chose to play, because the scammer could decide to target me and my friends next, but I use real passwords so I feel somewhat safer than maybe is justified.

12:03 pm

Yes, i'm in a critical condition here right now.
I urgently need your financial assistance of $600 to sort-out my hotel bills and get myself back home.
I will really appreciate your help and i promise to pay you back immediately upon my return.

No one is getting from Nigeria to the U.S. for $600, let alone sorting out hotel bills as well.

Further, my friend is a grammatical purist, and I would never see an 'i' from him in any correspondence.  I'm still playing along...

12:04 pm

I know you're good for it.

you could have it sent via western union now so i can pay off some old bills and get myself back as soon as possible

12:05 pm

I suppose I could do that. What do I need to know?

all you need to do is to look for the nearest western union agent close to you and have the money sent from there okay?

I wanted to see if I could get his contact information.

12:06 pm

I suppose I could do that, but I don't know where to send to YOU.
I can't just tell them to send to my friend Matt because he is in Nigeria.

okay, i'll give you my friend info here to send the payment to now. okay? 
he'll help me receive and give me the cash because my id and other valuables got missed too. Okay?

Okay, but I'm going to want to call your friend on the phone, so I'm going to need a phone number to reach him at.
I'm concerned about you.

I'm stalling for time and trying to get more information.

My friend calls back, and tells me that if I look at the profile I will see that it is really https://www.facebook.com/Scammer.ReplacedName.5, which has nothing at all to do with my friend's name.

I realized that I could see this myself if I clicked on the link on his name that was in the chat window, so I checked and, sure enough, that was the URL.

12:10 pm

i know, it's just a young college boy in school here, just borrowed his computer, he doesn't have a phone because i just asked him now.
I'll be fine...Okay?
here's the info ...

I should have waited here for him to give me the information, but I jumped the gun a bit.

12:11 pm

Also, what hospital are you staying at?
And, what is their phone number?
I'll wait. I know it will take you some time to track down a nurse to get that information.
Get the international code too.

12:13 pm

i'm not in a hospital now....i wasn't hurt bad at all, just stole everything from me. 
I'll be logged off soon so please we need to make the fast how soon would you be able to send it to me?

12:14 pm

I can do it this afternoon. It's already after 12 here.
I need to have some kind of other verification. If I send the kid the money, what's to say that he won't just keep it, and then you're still screwed?

12:15 pm

trust me, he won't..okay? you can mark my words on this

Okay, what is his contact information?

wait please
Receiver's Name: PETER KEN
Address: 32 araromi street
City: Ojota
State: Lagos
Country: Nigeria
Zipcode: 23401
did you get it?

I had the information I wanted, so it was time to lower the boom.

12:17 pm

I got it. I do have a question for you.....who is [Scammer Replaced Name]?

No response for four minutes... it was a long four minutes for both of us.

12:21 pm

have to go now, not mentally balanced here

That was an understatement.

12:22 pm

wait please
i should be able to get back online as soon as possible, need some rest here. Okay? 
As soon as you have it sent, you'll be given some info, kindly reply back with the Full Sender's Name, MTCN, Text Question and Answer used and the Amount Sent. 
As soon as i get that, i'll be able to make communications and get back to you immediately.
Okay?

Now that he had the nerve to come back, it was time to scam the scammer.

It is okay to lie to a liar...

12:23 pm

What does MTCN mean?
I gotta come clean with you. I'm also from Nigeria. I'm scamming The Piano Guy, just like you're scamming Matt.
How many people have you gotten to send you money on this account?

12:24 pm

what do you mean

12:25 pm

I know you're not Matt. I can see it from your web name.
I dropped a big hint when I asked you who [Scammer Replaced Name] was.
That's YOU. How much money have you made off of those American suckers?

Shortly after that, I went to put in a fraud complaint (which can be done with the gear in the chat message).  I couldn't.  He had already deleted the page.

Problem solved.  But, we're not done yet.

I decided to look up that name.  [Scammer Replaced Name] isn't exactly John Smith.  It turns out that there is a person from Jackson, Mississippi that has that name, and no one else in Facebook or Google does.

This led me to call the detective bureau there, which led me to the Attorney General's office.  They have directed me to the Department of Homeland Security (DHS), who is processing this.  I do understand that this person could either be a perpetrator or a victim of identity theft but, either way, the matter should be investigated.  All they have to do is look at this person's computer logs, and we may have taken a scammer out of the Internet pool (if they are the scammer), or may lead to logs that will help DHS find the real scammer.

Lessons to Learn
Return to $2600 Index