Exploring Information Security

View Original

Beware Advance Fee Fraud (AFF): The Piano Scam 

Timothy De Block

Created by ChatGPT

This is a short blog post I wrote for our security awareness internal communication. Feel free to grab and use for your own program. Created with the help of ChatGPT.

Beware Advance Fee Fraud (AFF): The Piano Scam 

Cyber threats are constantly evolving, and one of the latest scams targets unsuspecting individuals with a piano-themed fraud. This scheme, dubbed the "Piano Scam," preys on the goodwill of victims by offering a "free" piano, only to defraud them through advance fee payments for shipping. 

This type of scam is targeting people in the education sector but other scams like this will target other industries such as healthcare or the food industry. Understanding these types of scams will help identify when similar scams are used against our company.  

How the Scam Works 

  1. Initial Contact: Victims receive an email claiming a free piano is available due to a family death. 

  1. Shipping Fraud: The scammer directs victims to a fake shipping company, which requests payment for delivery fees via various methods, including Zelle, PayPal, and cryptocurrency. 

  1. Data Harvesting: Personal information such as names, addresses, and phone numbers are also solicited. 

Recognizing the Scam 

  • Too Good to Be True: Be cautious of unsolicited offers that seem excessively generous. 

  • Unverified Senders: Emails from unfamiliar addresses or free email services should raise suspicion. 

  • Payment Requests: Legitimate giveaways do not require upfront fees for shipping or handling. 

Prevention Tips 

  • Verify Sources: Independently verify the sender and the legitimacy of the offer. 

  • Avoid Clicking Links: Do not click on links or download attachments from unknown emails. 

  • Report Suspicious Activity: Inform your IT department or local authorities if you encounter such scams. 

Understanding the tactics used in the Piano Scam can help you avoid becoming a victim. Stay vigilant and informed to protect yourself from these and other cyber threats. 

For more detailed information on this scam, visit Proofpoint's Security Brief