Forget the Nigerian spam scam; now it's a take-off on Three Kings

Computerworld - A twist on the classic Nigerian e-mail scam that steals from the plot of the George Clooney movie Three Kings is hitting in-boxes, Symantec Corp. said Monday.

In these e-mails, a U.S. soldier based in Iraq claims that he has found a horde of cash or gold, a plot point central to the 1999 film. The e-mail explains that the total "haul," which is often pegged at $750 million but can vary wildly from spam run to spam run, has been split among the men who found it. The soldier's take: $20 million. Unfortunately, after he was cashiered from the army and returned to Iraq to work as -- tugging at the heartstrings -- a humanitarian worker, he was injured by a roadside bomb and now is on his deathbed.

"The doctors have told me point blank that I would die at any moment," the soldier writes in the spam message.

All the recipient has to do to collect the millions -- or sometimes only half, with the other going to a charity -- is give up an e-mail address and phone number.

"You are now being e-mailed by a soldier, an American soldier who wants to share his new-found wealth," said Kelly Conley, a researcher at Symantec, on the security group's blog. "He is an American, so it's not like you're sending your money to the great unknown of a stranger or foreigner, right? This one is much easier to fall for."

In traditional Nigerian schemes -- dubbed that because they typically originate from the West African country -- scammers claim that they need help in moving money to the U.S. The messages promise recipients a share in return for an upfront fee, and therein lies the scam.

"All of a sudden the game changes," said Conley. "It's no longer written in poor English, where you deal with a stranger for the purpose of purely obtaining cash for personal gain. Instead it's [an] injured American soldier who wants to share his fortune with you and charity."

Read more about Security in Computerworld's Security Topic Center.