Talk Scammy To Me
Learn to spot fraudulese (but hopefully not to speak it).
I’ll admit it. Over the last few years, I’ve somehow become obsessed with scams.
I breathlessly consumed The Dropout, a podcast that chronicles the career of Theranos’ Elizabeth Holmes (and watched its accompanying Hulu miniseries). I couldn’t help but click on every news story that would pop up about faux heiress Anna Delvey (Sorokin). My YouTube homepage started recommending videos of YouTubers who take down international scam call centers, or intentionally waste scammers’ time on the phone for hours just to know they’re not hunting real victims. And my guilty pleasure TV show is MTV’s Catfish, a show that unites lovesick people with their (most likely fake) internet significant-others.
I can’t pin down exactly why scams are so fascinating. But perhaps it’s because in one way or another, we’ve all encountered them — and maybe we even know those who have fallen in much deeper than we have.
Check your Facebook profile and you might find friend requests from abnormally good-looking strangers with generic names like “Mark Smith” who think you’re beautiful. Take one peek at your texts and you’ll likely see a graveyard of personalized-yet-flat messages designed to get you to respond.
Here are a few texts that I’ve saved from my own text inbox over the last few weeks:
“Are you coming over for dinner tonight? I will make chicken.”
“Hi Paul, I found a nice new coffee shop, are you free to go with me?”
“Hi Mr. William, are you free to come to my office on Wednesday?”
“我是Alan介绍的,请问你这里是可以改装Maserati的内饰是吗?” (Alan introduced me to you, is this the person who modifies Maserati interiors?)
“How are you”
“Hi”
Typically, as soon as I receive these texts, I immediately delete them and report the number that they originated from. But I have to admit that there have been a few occasions when I engage just out of boredom.
The text directed at Paul was one of these moments. I decided to respond, “Sure, what’s the name of the coffee shop?” and never got a reply. Boo.
(Later on, I realized that the fact that I was engaging at all was probably why I was continuing to receive texts like those. Whoops.)
While I haven’t exchanged messages with a scammer for long enough to get to the bottom the scam, the premise seems simple enough.
Someone might reply, “You must have the wrong number, this is not Paul.” The scammer responds, “Oh I’m so sorry, I hope this has not inconvenienced you. But you are so kind. I would love to be friends with someone like you. Maybe fate has brought us together.” And thus, a new digital friendship is born — one that might result in money exchanging hands some day down the line.
But how do we avoid this? Certainly we’re not responding to all of these — something in us tells us that these messages aren’t genuine. (That is, unless you’re Michael G. Scott, who famously proclaimed: “When the son of the deposed king of Nigeria emails you directly asking for help, you help. His father ran the freaking country, okay?”)
So what is it about scam messages that sets off alarms in your brain? How do we know that the language of a scam really constitutes a scam?
Grammar
Scams have gotten highly sophisticated over the last few years. But in some earlier scams (like those of emails or — gasp — faxes or letters), grammar was a dead giveaway that something shady was going down.
In Schaffer’s (2012) study of “419 advance-fee” scam emails (named after the Nigerian criminal code section that deals with fraud), grammar was one of the most striking details that made an email look sketchy. For example…
93.3% of emails contained comma errors (either missing or misplaced).
83.3% contained capitalization errors (either misused, missing, or TYPED IN ALL CAPS)
And 83.3% of emails contained lexical errors, often opting for words that sounds overly formal and business-like to sound extra trustworthy (for example: "I meant ... to pass a very urgent and profitable Business proposal and well approaching matter across to you.”)
Word Choice
If you have just a few lines to capture a victim’s attention, your word choice matters! Here are some of the common themes that scammers lean on to guide their word choice:
Make it real, but make it vague. Scammers will often throw in overused, corporate-sounding phrases that sounds real enough to make you want to investigate more. This includes words and phrases like “account information,” “security alert,” “your package is out for delivery,” “billing information,” or “now available.”
Convey secrecy and urgency. Words like “ready,” “now,” “click here,” “hour,” or “48 hours” might make someone tap a URL without giving it much thought. Schaffer found that this was key in email subject lines, which contained words like "urgent" (in 33.3%); "business" (16.7%); "please" (16.7%); "assist," "assistance," or "help" (16.7%). And 83.3% of emails explicitly called their business confidential or secret (for example: "First, I must. solicit your strictest confidence in this transaction; this is by virtue of its nature as being utterly confidential and top secret"). The texts I received about Paul’s coffee shop meeting and Mr. William’s office meeting are more personal-sounding versions of this — any sympathetic person might want to let the sender know straight away that they’ve reached the wrong person.
Prompt action. To get victims to react quickly, fraudulent texts might include action verbs such as “verify,” “update,” “confirm,” and “click below.” Others might simply want you to respond out of courtesy — mostly, that they have the wrong number — and then they work from there. (The Chinese Maserati text is a great example of this; you’re even incentivized to reply knowing that you’ll be chatting with someone who has a 👀 Maserati 👀)
Don’t react!
Perhaps you’ve noticed that jumbled grammar seems to be more of an issue with longer messages like emails, and less of a giveaway in short ones like texts. This is likely because today’s sophisticated scammers are hyper-aware of their goal: get victims to engage without overthinking (fueled by a dash of fear or sympathy, depending on the message). A scammer has one short window in which they can get you to react — so they want to make sure they get it right.
In a study led by Visa on how to spot “fraudulese” in even the shortest of messages, researchers found that messages will often include one or more of these five “moves” to entice their victims into engaging (often, clicking on a link) —
1. Solution (reschedule a package delivery, verify an account)
2. Problem (“We have noticed unusual activity on your internet banking account.”)
3. Establish credibility (posing as a company, like "Amazon Security Alert”)
4. Offers (“Click here to redeem $100 credit from UberEats!”)
5. Urgency Statements (expiry statements, consequences for inaction, wrong numbers)
But there are so many more
This is barely the tip of the iceberg when it comes to scams in the modern internet age. Scammers are hiding inside almost every digital alleyway, ready to pounce as soon as you let your guard down. Perhaps while reading this, you’ve gotten a flashback to a scam that you almost got sucked into. Or maybe you know someone who’s been a victim themselves.
Perhaps it was a customer support page that looked convincingly real, which led you to a representative that kept you on the phone for hours before you started to get suspicious.
Maybe you know someone who attempted to contest a fraudulent purchase that was seemingly made through their Amazon account, but something went wrong and they had to buy $1200 in Google Play gift cards to “fix” their error.
Or you might have heard of “pig butchering” scams, which rely on relationship-building — often of the months-long romantic sort — and result in victims losing their money through bogus cryptocurrency investments.
So, in all these situations, how can we distinguish the real from the scammy? Unless you are a perpetual victim of fraud, you’ve relied on a very legitimate and useful tool to determine exactly which texts are worth ignoring — your intuition. And that’s nothing to scoff at.
But scammers are really good at what they do, and are getting better. The FBI’s 2020 Internet Crime Report shows that there were 791,790 complaints of internet crime in 2020 alone, comprising a whopping $4.2 billion in losses. So in addition to doing all the “internet safety” things you need to do to protect yourself (come on, change those passwords!), make sure you stay updated with what the latest scams are — and how scammers try to catch your attention.
(By the way, here’s the latest one I heard about, which is probably more in the pure “virtual thievery” category rather than a scam — iPhone thieves can break into your Apple ID, lock you out of your account, and drain your bank accounts in mere minutes. Watch this terrifying video about iPhone thieves to rethink your digital security life — I highly recommend it for anyone who is an Apple user. Scary!)
So in a digital world rife with con artists and scammers, make sure you look out for yourself, hone your intuition, and keep an eye out for others!
Thinking of someone who would find this article interesting? Feel free to share this article and let me know your thoughts in the comments below.
Thanks for reading and see you next Tuesday!
I don't even register spam anymore because it is such a common occurrence! This was such a fascinating read, as usual.
This is a very fun and informative piece! I've gotten spams a lot in Chinese and I always wondered how they knew 😅