Scam and spam: the top 5 wild legends in "Nigerian" mailings are named

The scammers invited users to join the secret society of the Illuminati to gain wealth and power, as well as looking for someone to give a piano to and so on. Such unusual offers were received by users in the form of so-called Nigerian spam. In total, over 155 thousand such emails were blocked in Russia in 2024. Experts believe that in 2025 this format of cyber threats will remain relevant, and the number of mailings will continue to grow.

The most unusual spam mailings

Kaspersky Lab experts have named five of the strangest offers from scammers on the Web. The top was headed by a mailing in which the attackers invited the victim to join the secret Illuminati community, whose members were allegedly ready to share their wealth and power. In another spam campaign, the letter writers were looking for someone to give a piano to. They did this allegedly in connection with the death of the previous owner and the relocation of the heir to the musical instrument.

Also in the top five was a legend with generous Samaritans. In some plots, the scammers pretend to be, for example, a wealthy elderly person who has won a large sum of money in the lottery. On his behalf, they send letters informing recipients that the "benefactor" has decided to share part of the winnings. To make the letters more convincing, they can attach photos of "documents" that supposedly confirm the identity of the generous donor.

In addition, the attackers used a scheme in which they sent users letters allegedly from representatives of a large financial organization. The authors of the message referred to the fact that some "corrupt employees" tried to steal the addressee's money. The fake representatives of the "bank" claimed that they had taken measures and were ready to pay a large sum of money to compensate for the damage if the user contacted them at the specified contacts.

Fraudsters can target not only private users, but also organizations. In one legend, attackers claimed to be looking for businesses to invest in. To arrange a "partnership" with the recipient's company, they asked for a reply to an email.

- The main danger of "Nigerian" letters is that a person may not notice the risks: there are no phishing links or suspicious attachments in the messages. Fraudsters use only social engineering techniques to lure away money, invent convincing baits and correspond with the victim for a long time to achieve their goal, - said spam analyst of the company Anna Lazaricheva.

In total, the company's specialists blocked more than 155 thousand emails related to "Nigerian spam" in Russia in 2024. Experts pay attention: despite the fact that such scam schemes appeared a long time ago, today they remain a problem, since the legends of attackers are constantly evolving.

- Spam mailings in general have a wavelike character. For example, in Q3 2024, the number of blocked emails in Russia that are categorized as "Nigerian spam" nearly doubled compared to Q2. In 2025, this cyber threat remains relevant, we do not exclude that the number of such emails will grow," said Anna Lazaricheva.

In general, in recent years there has been a decrease in the number of letters with "Nigerian spam", added Dmitry Moryakov, head of the spam analysis group at Mail Mail. He noted: the share of this type of spam in its usual form is less than 1% of the total volume and is not one of the three popular blocked categories of junk mail.

- This is due to the development of ML-models, complication of registration and purchase of domains and IP-addresses for mailings. This can also include the high cost of infrastructures and a decrease in the number of affiliate programs that support email newsletters," he explained.

As a defense, experts advise to be critical of any generous offers, even if they allegedly come from a familiar person. It is necessary to check contacts for communication, specified in the letter: if they do not coincide with the sender's address, it is a reason to be wary. Experts also recommend paying attention to errors and typos, as there are no suspicious attachments in messages.

How to fight cyber fraudsters

"Nigerian letters" are typical and remain a known form of deception for decades, attackers are working out new hypotheses to profit from gullible users, said CEO of Phishman and Skolkovo resident Alexei Gorelkin. According to him, in most cases they urge to go to the site and enter payment data or install an application for further cyberattack.

- A unified bill on measures to combat cyber fraud is planned to be introduced in the State Duma in the spring of 2025. Some of the 30 measures that will be proposed in it are already known: it is the formation of a database of voices of telephone scammers, the ban on mass spam calls, calls and SMS-mailings, as well as the labeling of calls from legal entities,- told "Izvestia" deputy of the lower house of parliament Anton Nemkin.

The expert also noted that in 2026 the Unified National Platform to counter fraudsters on the Internet should be launched, and its "pilot" may start already this year. The design is currently underway together with federal executive authorities, banks, the Central Bank and telecom operators.

In addition to "Nigerian letters," cybercriminals are actively distributing links to fake lottery tickets, various giveaways on behalf of well-known brands, non-existent cash compensation or fake job offers. Cybercriminals also use phishing emails to steal user accounts from various online services, messengers and social networks, recalled Maria Sinitsyna, Senior Analyst of Digital Risk Protection at F.A.C.C.T. Company. Maria Sinitsina.