This week’s funniest spam email, and why a strong email password is good

I don’t normally see much spam thanks to the spam filters, but I did see this funny one a few days ago:

IMF APPROVED PAYMENT LETTER.

GOOD DAY TO YOU,

It is a great pleasure to contact you this day as i have just been appointed the new Chief of the International Monetary Fund (IMF) and on assumption in office i have seen your untreated transaction with my else while predecessor Dr Dominique Strauss Khan, i
have seen the records of all your payment made in the past to (IMF) and also have a complete files of yours here with me.

This mail is to inform you that i am here to release without any delay your outstanding contract payment of $10.7 usd as reflected here in my record to you within 24hrs from when you respond to this mail.

As i wish to inform you that there will be no fee needed for this transfer. but be informed that the only thing needed is the Affidavit of claim (AOC)of which you have to respond back to my e-mail and i will direct you to the right office for you to get the Affidavit of claim (AOC) so i advise you to get back to me as soon as you get this mail so that i can know what actually went wrong and why you weren’t paid along with others.

Re-confirm to me the followings information to enable the urgent processing of your payment.

1.Name
2.Phone,fax and cell number
3.Delivery Address.
4.Age,profession and sex.
5.Copy of ID.

Endeavor to call me as soon as you get this mail on my official number below in this mail.

Treat as top urgent.

Regards,

Dr.Mrs Christine Lagarde
Chief of the International Monetary Fund (IMF)
DIRECT E-MAIL: of-fice-m-ail01@msn.com

“Top urgent”! I didn’t realise the head of the IMF sent these emails out personally, and from an MSN account, but there you go.

Presumably this was sent from the IMF’s Nigerian branch office.

I can’t help thinking they meant to say $10.7 million usd — a mere $10.70 doesn’t seem like it’s going to convince many people to send in all their details.

On a more serious note, a friend of mine got his web email account hacked this week. Not only did his contacts receive an email allegedly from him, claiming he was on vacation (a term he and most Australians would never use) in Spain, had lost his wallet and his phone, only had email access, and was in desperate need of money — and could I please send funds via Western Union?

They also changed his Reply-To address slightly, so any replies were likely to go to the scammers (unless you noticed the change, which was quite subtle).

I rang him up, and he was quite definitely in Richmond, not Spain. He’s now changed his email password and Reply-To address.

It underscores the value of strong passwords, and also (if you are using a webmail provider that offers it, such as GMail) two-factor authentication — in GMail’s case, it means they confirm your logon once a month (or when you use a different computer) by sending you a text message. This means a hacker not only needs your password, they also need your mobile phone to get into your email, which makes things much safer. Here’s how to switch it on in GMail.