English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Congratulations, you’ve won! The reality behind online lotteries

It’s amazing how often we get a message telling us we’ve won the lottery. These glad tidings share plenty of similarities: the winner is notified that he has won a handsome sum of money in a certain lottery and must contact a lottery official to receive it. Sounds tempting, but alas, this is nothing more than network fraud .

In order to receive the winnings, the user is asked to send money – ranging from a few hundred to several thousand dollars – to a specified account. This is ostensibly to meet expenses like money transfer commission, taxes, fees for opening a bank account, etc. The “lucky winner” often sees this money as insignificant in comparison to the sum they’ve just won. However, once they receive the “fee”, the fraudsters disappear, and the unwary user has little chance of ever finding them.

Be careful! Do not fall for these scams!

Telltale signs of lottery fraud

So, how can a user identify a fraudulent message?

The answer is simple: if you haven’t participated in a lottery, all “winning” messages are fraudulent.

The reader’s next question may be: what if I have in fact taken part in a lottery in the hope of a big win?

If the prize draw has actually taken place and you have actually participated in the lottery, you will be addressed by your name (or the number of the lottery ticket that you purchased), and the letter will contain the address and the name of the company that organized the lottery.

Fake lottery win notifications may come in a variety of shapes and sizes. A lot of them contain bad spelling mistakes. This is a sure sign of a fraudulent message. Serious lottery companies have editors and copywriters to make sure their letters are written properly.

In some cases, the fake messages are well written, but they are sent from public mail servers like gmail.com, hotmail.com or yahoo.com. Please remember that messages from a reputable company are always sent from corporate addresses.

In some fake lottery messages, you may be asked to reply to an e-mail address which is different from the sender’s address, e.g. to the address of an “agent” or “manager”.

In other words, a fake lottery message will always contain some type of discrepancy. Watch out for them.

Congratulations…

Here are some typical ‘Lottery letters’ that make use of the ploys most favored by the fraudsters.

A European lottery…in Nigeria

One email informs recipients that they have won a prize in a European lottery:

Expressions such as “your email address was selected” or “your address has won” are telltale signs that the message is part of a scam. After all, you haven’t used your address to participate in a prize draw, have you? And even if you have, it was unlikely to have been the European lottery named here.

If nothing else, the request to contact a Mr. Marshall Ellis in Nigeria, who for some reason uses the public service live.com, is bound to convince us that what we are dealing with here is spam – lottery organizers just don’t ask winners to contact them at their personal email addresses. All communication in such cases would be sent to and from a business address. Moreover, if the lottery is European, then why does Mr. Ellis reside in Nigeria?

Highly inquisitive users may well wonder about the euroonlinelottery.com domain from which the message was sent. Their suspicions would be confirmed. Yes, that’s right, no such site actually exists. Instead, the browser redirects to wn.com (World News). There is no sign of a lottery at the site and never has been.

Participating in lotteries without knowing about it

The second message promises a lottery win from Coca Cola, but, inexplicably, is sent from a French Yahoo! server:

The fraudsters obviously expect some recipients to suspect a scam and attempt to convince them otherwise. Here’s another example of a scam that no doubt appears to be perfectly plausible from its authors’ point of view:

We won’t bother citing this rather long message, which is designed to look like an email from Google, in full. We only want to draw your attention to the second paragraph where it states: “The online draws was conducted by a random selection of email addresses from an exclusive list of E-mail addresses of individuals and corporate bodies picked by an advanced automated random computer search from the internet. However, no tickets were sold but all email addresses were assigned to different ticket numbers for representation and privacy.”

Name-dropping

It’s easier to get the victim to take the bait if the fake lottery uses the name of a reputable organization, be it Coca Cola or Google, BMW or McDonald’s, Microsoft or Yahoo! Unfortunately, these companies cannot do anything about random fraudsters exploiting their names for their own ends.

These messages claim to come from large companies which are allegedly conducting lotteries. The attachments contain more “you won” messages. But why would representatives of all these companies send messages from public mail servers like Gmail or MSN?

Should you receive an email of this type, visit the specific company’s official website; most likely, you will find that the company is not actually holding a lottery of any kind. Furthermore, if you Google "Coca Cola lottery", "Yahoo lottery", “Google lottery” etc., you will receive links to articles describing this type of online fraud with specific examples and even victims’ stories.

Lost in translation

The Google Translate service has made life much easier for online fraudsters with international ambitions. If earlier their target audience was limited to their compatriots, now they can send messages to users all over the world. We routinely receive such notifications in English, German, Spanish, Portuguese, Ukrainian, Polish, Norwegian and a number of other languages, not to mention Russian.

Below are examples of the joint creative efforts of the fraudsters and translating machines. The sample texts are in English, German and Spanish.

We can’t really imagine that any of our readers would be suckered by such linguistic creations, but still, we urge all users to be cautious. Real lottery organizers would not mutilate a language like that in the above examples.

Beware!

We could go on forever with examples of fake lottery win messages. According to Kaspersky Lab’s statistics, messages like this can make up as much as three percent of all spam in any given month – that’s thousands of messages. To avoid falling victim to online fraud, you need to follow some simple rules:

  1. Remember, you cannot win a cash prize in a lottery you have not participated in.
  2. Do not trust automatically translated messages or those containing obvious mistakes.
  3. Always check the sender’s email address(es). Lottery organizers will not send messages from free mail services.
  4. If you still think the message you have received is about a real win, check all the information. Use search engines to look at the lottery name, the senders’ names and telephone numbers. Among the search results you may find detailed commentary.
  5. Most importantly, always remember: there is no such thing as a free lunch.

2 comments

Oldest first
Threaded view
 

praveen

2012 Jan 29, 06:10
0
 

Nice article

ya everytime my spam will be fully filled with these types of fraud mails and i also think the same and i used to discuss withmy friends as a joke.

Reply    

sambathcs

2012 Feb 02, 19:21
0
 

SUPERB ARTICLE

Thank you very much..........

Reply    
If you would like to comment on this article you must first
login


Bookmark and Share
Share

Author

Analysis

Blog