‘Nigeria-419’ - Internet scam comes to India

DQW Bureau
New Update


Millions have got those emails-requests to transfer $ 30 million into our account from a Nigerian ‘official’, with an offer of a 25 percent cut for you. Many years down, in 2003, people are still getting conned and losing thousands of dollars in this super-scam, which has come to Asia-and India. CyberMedia's news reporters worked with a net-savvy Indian to track the scamsters and their victims across India, China, Taiwan, Hong Kong, USA, UK, the Netherlands, West Asia and Pakistan, through a murky trail of mail exchanges, dollar advance payments and ‘meetings’.

This multi-billion dollar, Internet-enabled scam is well known to the US federal agency, the FBI. Now it's come to India. Estimated to be the fifth-largest industry in Nigeria, this scam is over two decades old, moving from paper mail to fax to Internet mail. Also called the ‘Advance Fee Fraud’, the scam is better known as the ‘Nigeria 419’-because Section 419 of the Nigerian Penal Code covers fraud. (In India, it could have been called the ‘India 420’, after the equivalent section in the


According the Internet Fraud Complain Center (IFCC) report of 2002, the year saw the number of Nigerian letter fraud complaints moving up from 2,600 to over 16,000. While the total dollar loss from all referred Internet fraud cases during 2002 was $ 54 million-the mean and the median dollar loss being $ 1,482 and $ 299 respectively, the Nigerian 419 letter fraud with a median loss of $ 3,400 is the highest dollar loss per incident as per IFCC's annual report.


The scam is simple: you get a mail saying, a senior official of the Bank of Nigeria had stashed away $ 35 million and died without next of kin. Or, in one of various global variants, a Taiwanese ‘banker’ writes, saying a client has died in a car accident, leaving behind $ 30 million with no claimants. Can you stand in as next of kin, so that the money can be transferred to you? For your trouble, you would get 25 percent.

As victims get drawn in, the demands start: advance money for attorney fees, stamp paper, expenses, bribes these can range from $ 5,000 - $ 100,000 (one victim we traced out had just paid $ 70,000 by a single cheque). They also try to draw the victim to Nigeria or another country, finally holding them to ransom to extort more money from them. Many victims have faced this plight-and lives have been lost.

A quick survey by Cyber News Service among 30 email users suggested that some 65 percent receive ‘Nigeria 419’ solicitations. And Indians are among them - mail recipients and victims too. While few of the Indian victims that Cyber News Service managed to speak with, were forthcoming about their negotiations or their losses, CNS reporters managed to gather information about several negotiations and trace at least one case where an Indian lost money.


A Mumbai-based businessman admitted that he had paid up Rs 232,095 ($ 4,987) and shot a question right back. "Why didn't you tell me before I sent the cheques?" Another Indian who was in negotiation with the scamsters, an ex-army man from Patiala-admitted he wasn't fully convinced about the offer, or the credentials of the people he was dealing with. But there were others, who, despite their doubts, were still negotiating, and paying up. What was disquieting was the fact, that the racket-aided by Internet mail-has not been restricted to metro and bigger cities only. The list includes a small-time film producer from Sahibabad in Uttar Pradesh, another working in a Bangalore-based animation company, businessmen in Mumbai and Rohtak, and another working class person in

Nowshehra, Srinagar.

Multiple ‘banks’ in Hong Kong

Our investigation focused on one of the many groups behind this racket - a group using banking facilities in Hong Kong to run their 'business' seamlessly. The modus operandi is simple - while ‘funds in Nigeria’ remained the primary bait, the objective was to deal through fronts based in Hong Kong, the USA and the UK. The so-called ‘iron hand’ image of these countries is being used to make the victims believe that it could be a real offer after all.

Our probes revealed that one of the gangs had at least seven such fronts - Origin Merchant Bank (, Banquedenationale Bank (www.banqe, Global Banking Corp (, Citi Express Banks Inc (, Swiss Corps Inc (, Eurocentral Union ( and Transglobe express Co (, specifically created for this purpose. In most cases that we looked into, victims were asked to deposit money in favor of either of these companies in a 'corresponding bank'.


Our investigations also reveal that the perpetrators had withdrawn HK $ 7.3 million (or Rs 4.3 crore) from one of their current accounts in a leading bank in Hong Kong using different modes-cash withdrawals, using ATM and electronic transfer, all this in less than ten months, between August 2002 and June 2003. Going by the average transaction amounts for all seven fronts, it is estimated that this one group has managed to wangle people out of nearly Rs 30 crore in a year's time.

Cyber News Service also contacted several of the victims and those negotiating with the culprits about the fraud, asking them to send us copies of the mails exchanged with the scamsters, to probe for more proof. CNS reporters informed the victims about the scam, and some reported the matter to police.

A lady from China disclosed that she had sent $ 131,016 to one of the accounts, a gentleman from Kagawa, Japan had just sent $ 15,040. Another victim, Shaari Mohammad, had already paid a stamp duty of $ 3,200 and a further $ 1,100 as endorsement charges. All of them said they had decided not to send any more money. The lady in China has since reported the matter to the police in Hong Kong.


Incidentally, the Hong Kong Monetary Authority also issued a press release on June 19, 2003 warning people against any dealings with one of such front - Banquedenationale Bank-strengthening our probe as well. HKMA has also referred the website to the Hong Kong Police Force for further investigations. It has since been liaising with financial authorities in the US and UK to take appropriate action in cases related to the website.

Meanwhile, CNS has handed over its findings to investigative agencies in India who have also contacted their international and foreign counterparts. We have also set up a website to help people report about the scam and also to spread awareness about it.

How the ‘Nigeria 419’ scam works?

  • An individual or company receives an e-mail, from an alleged ‘official’ representing a foreign government or agency-more often from Nigeria or any other African nation

  • An offer is made to transfer millions of dollars in ‘over-invoiced contract’ funds into your personal bank account

    You are encouraged to travel overseas to complete the transaction

  • You are requested to provide blank company letterhead forms, banking account information, telephone, fax numbers

  • You receive numerous documents with official looking stamps, seals and logo testifying to the authenticity of the proposal

    Eventually you must provide up-front or advance fees for various taxes, attorney fees, transaction fees or bribes

  • Finally, you have to travel to Nigeria-either directly or via a bordering country-to meet Nigerian government 'officials'

    Fake documents are made by the perpetrators to smuggle you into Nigeria

Once there, you have no option but to 'cooperate' by paying money or ransom Common variations on this scam include ‘overinvoiced’ or ‘double invoiced’ oil or other supply, and service contracts where ‘some officials are trying to get the funds out of Nigeria; crude oil and other commodity deals; a ‘bequest’ left you in a will; ‘money cleaning’ where the perpetrator has a lot of currency that needs to be ‘chemically cleaned’, before it can be used and he needs the cost of the chemicals; ‘spoof banks’; where there is supposedly money in your name already on deposit; and ‘paying’ for a purchase with a check larger than the amount required and asking for change to be advanced. Or the victim will just be stiffed on a legitimate goods or services contract...the variations are very creative and virtually endless.

IT-enabled scamming

Our investigation also shows that some of the culprits-at least the kingpins-are well versed with technology, creating websites and tele-banking infrastructure. Most of the gang's front organizations have actually been created only in the virtual world, the main objective being to create websites similar to that of real banks and convince victims that the company actually exists.


There's another objective as per which, all victims are asked to register themselves online through the websites of one of these companies. As soon as one registers on the site, and personal details are updated in a database file, with ‘victims’ being sent mails from the so-called bank informing them about their account as well as the pin number.

However, a closer look into some of these sites made us realize that, most of the pages were static Web pages that get displayed at the click of the link. Also, the source code of the HTML file used for these sites, did not have any encryption or security features. Most of the servers used by the scamsters were found to be PHP servers, and a users' account number and password was being used to redirected them to an html page that merely displayed the funds balance record from the same database. The scamsters have also set up 'tele-banking' by connecting their telephone lines to the computer, with CTI (computer-telephony interface) and IVR software. The computer is updated with the users' record on a regular basis. Again, victims in most of the recent cases have been asked to use this facility.

They were also found to be using e-fax facilities through service providers in the US and Europe. These numbers are being used as contact numbers for the companies floated by them to deal with the public at large. The electronic fax facility helps the perpetrators receive faxes and voicemail in their e-mail inbox, and also store them on their computers. A fax sent to any of these numbers is automatically processed by the service provider and is sent to the subscriber as an as an image file via e-mail. Similarly, the scamsters also use it to 'e-mail' a fax to their victims.

Shubhendu Parth &Nisha Kurian