Phishing campaign uses “free piano” as a lure to target Americans

June 3, 2024

A large-scale phishing campaign uses a unique technique to make at least $900,000 by fooling email recipients into thinking they will receive a free piano.

Reports stated that the campaign started earlier this year and sent over 125,000 emails. The research indicated that the emails were primarily sent to North American university students and professors. However, there are occasional reports of emails being sent to healthcare and food and beverage service businesses.

The phishing campaign used the free piano bait as a giveaway.

According to investigations, the phishing emails containing the free piano bait were sent to targets from a university professor. The email informs them that a man named Dereck Adams is offering a 2014 Yamaha baby grand piano for free to anyone interested.

The email includes an address to contact to arrange inspection and delivery. If the recipient makes contact, the threat actors respond with a message claiming to be from ‘American Van Lines Movers Services.’

The second email has features that make it appear legitimate, such as an item reference number, dimensions, weight, and three delivery alternatives.

Additionally, the email expresses urgency, indicating that several people have expressed interest in acquiring the piano and that the first person to pay for the delivery will receive it.

The investigations also showed signs of fraud in the emails: the recipient’s only payment alternatives are Zelle, PayPal, Apple Pay, Chime, and Cash App, which makes tracing and reversing the money considerably more complex than with conventional methods.

The delivery cost varies between $595 and $915, depending on the option. While this is significant, it is far less than the specific piano’s worth, which is between $9,000 and $13,000.

Although the approach used in these phishing attacks is not new, the results show that it is highly efficient and successful: recent research revealed that the single Bitcoin wallet address associated with this campaign currently has almost $900,000. However, whether this is all due to the “free piano” offer is unclear.

Further analysis also noted that one of the scammers utilised a Nigerian IP address, raising suspicions that the attack came from an organisation based in Nigeria.
