Nigerian fraud in FSFE constitution
Reprinted with permission from Daniel Pocock.
Every now and then, a news report appears about somebody who lost control of their email account and discovered that an imposter had sent messages to all their friends asking for money. This is a form of social engineering attack.
From a recent ABC News report:
In short:
An online romance and extortion scam crackdown has led to 260 arrests across 14 African countries.
The scams targeted more than 1,400 victims who lost nearly $US2.8 million ($4.29 million).
What's next?
Interpol says the growth of online platforms has opened new opportunities "to exploit victims".
Looking more closely at the story of somebody who was impersonated:
(The Guardian) Email fraud came close to wrecking my life – and the charity I run
Margaret Owen's Gmail account was hacked into and her friends asked to send money. Here she tells how a cyber-crime recently highlighted in Guardian Money almost wrecked her charity
...
I lost all the contacts in my computer address book. It meant I almost had to close the charity I direct, Widows for Peace through Democracy, because I had missed so many deadlines and our work was badly compromised.
I am simply one of the many thousands of victims of the "mugged in Spain" scam. For Spain, substitute "Athens", "Cyprus", "Kuala Lumpur" or whatever destination the fraudsters care to use. Most of us, surely, can immediately recognise the message that urgently pleads for a loan of around £2,000 because I have been "attacked on my way back to my hotel …" as fraudulent.
But many people did not. As far as I know some £5,000 has been sent, as if to me, as a "loan to be repaid with interest". And during the month I was unable to use my Gmail account, I learned of at least six other cases where people had received similar emails as if from people they knew, and sent off large sums.
... the fact is, that in a contact list of maybe over 3,000 names, if just a handful of people fall for the scam, the fraudsters have won.
... "I am so sorry, Margaret. I know what you've been through in the last month but you have been hacked again."
...
In Dorset, I had called the local police, ...
Their advice was to close down my Gmail account completely; transfer all the contact addresses to a private account I have with AOL, and to take a hard copy of the contacts so I would not be caught out should anything happen in the future. ..... They advised: "Don't use any of the free internet providers like Google, Hotmail or Yahoo. None of these have help lines. Only use providers you pay for."
...
The email sent in my name
"I'm really sorry for this emergency, but I just have to let you know my present predicament. I apologise for not letting you know about my urgent trip to Spain. Everything was fine until I was attacked on my way back to my hotel. I wasn't hurt but I lost money, bank cards, mobile phone and my bag in the course of the attack. I have immediately contacted my bank in order to block my cards and also made a report at the nearest police station.
"Meanwhile, I have also thought it expedient to confide this in you and I will be glad to have it confidential between us. I'm physically ok and fine but I'm urgently in need of some money in order to complete my major aim of being here and to balance my bills till my departure next weekend. Can you please lend me a sum of 2,500 euros (approximately 3,500 US dollars) or any amout you can afford to lend out? I will refund you even with interest upon my arrival next weekend."
Now take a moment to look at the constitution (articles of association) for the fake FSFE misfits, that is the German group impersonating the real FSF. Notice how they use the name of the FSF and Dr Richard Stallman in their constitution, just as the Nigerian scammers were using the name of Margaret Owen:
As its acknowledged sister organization, the FSFE will join forces with the Free Software Foundation founded by Richard M. Stallman in the United States of America.
Looking at the recently leaked email from 2018, FSFE President Matthias Kirschner knows that FSF does not consent to FSFE misfits using the name of the FSF or Dr Stallman.
Subject: [GA] FSF/FSFE relations, next steps Date: Mon, 12 Feb 2018 15:30:38 +0100 From: Matthias Kirschner <mk@fsfe.org> To: FSFE General Assembly <ga@lists.fsfe.org> CC: Carlo Piana <carlo@piana.eu>
[The whole process about negotiations between the FSF and the FSFE should be treated confidential, and I do not want to see anyone sharing information about this process outside this group, without coordinating this with me.]
Dear members,
During FOSDEM we had another meeting with the FSF about how to move forward with their request to change our name.
Let's face it. Matthias Kirschner is not Dr Stallman. He is not a developer. He is not a volunteer. He is not even a Nigerian but the FSFE has evolved to become a lot more like a Nigerian scam than any resemblance it has to the real FSF.
As we approach Christmas, real non-profits like the FSF and fake non-profits like the FSFE misfits make a big effort to get our attention and attract year end donations. If you care about the work of somebody who dedicated his entire life to voluntary work, it is vital to share the forbidden links to blog posts containing these leaked emails.
There may be other people who put the wrong FSFE in their will. As donors are getting older, mortality rates increase and there is a big risk that other bequests may end up going to the wrong place. People don't review their will every day. Helping people avoid these mistakes requires constant awareness-raising in the community.
Read more about the FSFE misfits usurping the name of Dr Richard Stallman's FSF.
Read more about the FSFE misfits usurping the name of Dr Richard Stallman's FSF. █